Difference between revisions of "Record Access Permissions"
From AgileApps Support Wiki
imported>Aeric |
imported>Aeric  |
||
Line 1: | Line 1: | ||
::Record access: | ::Record access: | ||
{{permission| | {{permission| | ||
* In general, any user who can access an object can view all of the records it contains. | * In general, any user who can access an object can view all of the records it contains. (To access the object, they must be granted access to an application that contains it.) | ||
* One special case occurs when a record is owned by some other member of their team. In that case, the record becomes invisible, unless ''View'' permission has enabled in their [[Roles#Role Permissions|Role Permissions]], or unless their [[Access Profile]] gives them Global View permission. | * One special case occurs when a record is owned by some other member of their team. In that case, the record becomes invisible, unless ''View'' permission has enabled in their [[Roles#Role Permissions|Role Permissions]], or unless their [[Access Profile]] gives them Global View permission. | ||
* Another special case occurs when [[Record Level Visibility]] has been enabled for an object, and visibility criteria has been specified for an individual record. In that case, | * Another special case occurs when [[Record Level Visibility]] has been enabled for an object, and visibility criteria has been specified for an individual record. In that case, a user who can see the record only when (a) They have been granted access to an application that contains the object, and (b) They match the visibility criteria specified for that record. | ||
* Users with ''Add'' permission enabled in [[Roles#Role Permissions|Role Permissions]] or the [[Access Profile]] can add records | * Users with ''Add'' permission enabled in [[Roles#Role Permissions|Role Permissions]] or the [[Access Profile]] can add records | ||
* Users with ''Update'' permission enabled in [[Roles#Role Permissions|Role Permissions]] or the [[Access Profile]] can update records | * Users with ''Update'' permission enabled in [[Roles#Role Permissions|Role Permissions]] or the [[Access Profile]] can update records |
Latest revision as of 22:25, 11 September 2015
- Record access:
- In general, any user who can access an object can view all of the records it contains. (To access the object, they must be granted access to an application that contains it.)
- One special case occurs when a record is owned by some other member of their team. In that case, the record becomes invisible, unless View permission has enabled in their Role Permissions, or unless their Access Profile gives them Global View permission.
- Another special case occurs when Record Level Visibility has been enabled for an object, and visibility criteria has been specified for an individual record. In that case, a user who can see the record only when (a) They have been granted access to an application that contains the object, and (b) They match the visibility criteria specified for that record.
- Users with Add permission enabled in Role Permissions or the Access Profile can add records
- Users with Update permission enabled in Role Permissions or the Access Profile can update records
- Users with Delete permission enabled in Role Permissions or the Access Profile can delete records
- Access to records owned by other team members:
- Read: View permission enabled in Role Permissions
- unless Record Level Visibility has been enabled, and visibility criteria has been specified for a record. (In that case, only users who match the criteria can read the record.)
- Update: Update permission enabled in Role Permissions
- Delete: Delete permission enabled in Role Permissions
This page is transcluded into the record-processing API pages. See also: Data Access Permissions for the GUI notes.