Difference between revisions of "About Roles and Data Visibility"

From AgileApps Support Wiki
imported>Aeric
imported>Aeric
Line 1: Line 1:
__NOINDEX__
__NOINDEX__
:*[[Application Access]] determines who can use an application
:*[[Application Access]] determines who can use an application
:*[[Roles]] specify high-level access rights to application objects
:*[[Access Profiles]] specify administrative and global-access permissions
:*[[Roles]] specify high-level access rights to individual application objects
:* The privileges granted in Access Profiles and Roles are ''additive''. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission.
:*[[Custom Access Criteria]] can be used to specify access rights for individual [[Record]]s (add, view, update, delete), based on record data, user characteristics, and any other available information.
:*[[Custom Access Criteria]] can be used to specify access rights for individual [[Record]]s (add, view, update, delete), based on record data, user characteristics, and any other available information.
:*[[Visibility Controls]] define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on [[Record Owners|Record Ownership]]
:*[[Visibility Controls]] define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on [[Record Owners|Record Ownership]]

Revision as of 21:04, 10 October 2012

  • Application Access determines who can use an application
  • Access Profiles specify administrative and global-access permissions
  • Roles specify high-level access rights to individual application objects
  • The privileges granted in Access Profiles and Roles are additive. If either the Access Profile or the Role grants permission to perform some operation on an object, then the user has that permission.
  • Custom Access Criteria can be used to specify access rights for individual Records (add, view, update, delete), based on record data, user characteristics, and any other available information.
  • Visibility Controls define whether User data is available to other users, whether records in objects are visible or hidden and optionally, whether the User has rights to modify data records based on Record Ownership
  • Data Sharing Policies are a set of rules that enable users to share data across Teams, with the level of access based on each User's Role
Note that Team Data Sharing Policies override record-level access specified by individual Visibility Controls.