Difference between revisions of "About Roles and Data Visibility"
From AgileApps Support Wiki
imported>Aeric |
imported>Aeric |
||
| Line 4: | Line 4: | ||
:*[[Roles]] specify high-level access rights to individual application objects | :*[[Roles]] specify high-level access rights to individual application objects | ||
:* The privileges granted in Access Profiles and Roles are ''additive''. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission. | :* The privileges granted in Access Profiles and Roles are ''additive''. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission. | ||
:*[[Visibility Controls]] define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on [[Record Owners|Record Ownership]] | :*[[Visibility Controls]] define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on [[Record Owners|Record Ownership]] | ||
:*[[Data Sharing Policies]] are a set of rules that enable users to share data across [[Teams]], with the level of access based on each User's [[Role]] | :*[[Data Sharing Policies]] are a set of rules that enable users to share data across [[Teams]], with the level of access based on each User's [[Role]] | ||
:* [[Team Data Sharing Policies]] override record-level access specified by individual [[Visibility Controls]]. | :* [[Team Data Sharing Policies]] override record-level access specified by individual [[Visibility Controls]]. | ||
:*[[Role Based Permission Control|Field Visibility (Role Based Permission Control)]] can also be used data visibility rights at the [[Fields|Field]] level | :*[[Role Based Permission Control|Field Visibility (Role Based Permission Control)]] can also be used data visibility rights at the [[Fields|Field]] level | ||
Revision as of 01:03, 12 October 2012
- Application Access determines who can use an application
- Access Profiles specify administrative and global-access permissions
- Roles specify high-level access rights to individual application objects
- The privileges granted in Access Profiles and Roles are additive. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission.
- Visibility Controls define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on Record Ownership
- Data Sharing Policies are a set of rules that enable users to share data across Teams, with the level of access based on each User's Role
- Team Data Sharing Policies override record-level access specified by individual Visibility Controls.
- Field Visibility (Role Based Permission Control) can also be used data visibility rights at the Field level