Custom
Define permissions for a custom object
The Access Control List allows you to define permissions for custom objects in your tenant. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
To define permissions for a custom object, complete the following steps in the portal.
-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object, and then select the desired object.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, complete the following substeps.
-
If Action Level Permissions display, turn the Execute switch on to allow, or off to disallow, access to any actions that can be executed for the object.Step InformationNote: You can also use Select All to turn the switch on for all actions, or Deselect All to turn the switch off for all actions.
-
Under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields in your object.Step InformationNote: You can also use Select All to turn the switch on for all fields, or Deselect All to turn the switch off for all fields.
-
Under Field Level Permissions, turn the Update switch on to allow editing, or off to disallow editing, for each of the fields in your object.Step InformationNote: You can also use Select All to turn the switch on for all fields, or Deselect All to turn the switch off for all fields.
-
Select Apply Permissions.
Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. -
-
Optional. Grant access to any pages that use data from your custom object.Step InformationNote:For steps, refer to Define permissions for a custom page. If your object is used by a system page, refer to the ACL documentation for that page.
Define permissions for a virtual object
The Access Control List allows you to define permissions for virtual objects in your tenant. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
To define permissions for a virtual object, complete the following steps in the portal.
-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object, and then select the desired object.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, complete the following substeps.
-
If Action Level Permissions display, turn the Execute switch on to allow, or off to disallow, access to any actions that can be executed for the object.Step InformationNote: You can also use Select All to turn the switch on for all actions, or Deselect All to turn the switch off for all actions.
-
Under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields in your object.Step InformationNote: You can also use Select All to turn the switch on for all fields, or Deselect All to turn the switch off for all fields.
-
Under Field Level Permissions, turn the Update switch on to allow editing, or off to disallow editing, for each of the fields in your object.Step InformationNote: You can also use Select All to turn the switch on for all fields, or Deselect All to turn the switch off for all fields.
-
Select Apply Permissions.
Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. -
-
Optional. Grant access to any pages that use data from your virtual object.Step InformationNote:For steps, refer to Define permissions for a custom page. If your object is used by a system page, refer to the ACL documentation for that page.
Define permissions for a custom page
The Access Control List allows you to define permissions for custom pages in your tenant. Modifying permissions for a page allows you to grant access to the page itself. Access to the data within the page is inherited from the object that contains the data. You can grant a role full access, custom access, or no access to the page. The TenantAdministrator role has full access to all pages.
Prerequisites:
-
Grant access to any data required by the page. Access to data is inherited from the object that contains the data. For steps, refer to Define permissions for a custom object. If your page uses data from a system object, refer to the ACL documentation for that object.
-
If you want to allow users to access a page, you must also grant permissions for any parent pages in the menu structure.
To define permissions for a custom page, complete the following steps in the portal.
-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Pages, and then select the desired page securable.Step InformationResult: The list of roles displays, along with each role's access to the page.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the page, select Full Access.
-
To prevent the role from being able to view the page, select No Access.
-
To customize the level of access the role will have to the page, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the page permissions were successfully updated. -
-
If you selected Custom Access, under Top Level Permissions, for Page, turn the View switch on to allow read access to the page, or off to disallow read access.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the page permissions were successfully updated.
Loading...
There was a problem loading this topic