Object models
Define permissions for the Model object
The Model object contains data for the object models in your tenant. The Access Control List allows you to define permissions for the Model object. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
Important:The Authenticated User role has read access to the Model object by default. DSI highly recommends that you do not revoke this access.
To define permissions for the Model object, complete the following steps in the portal.-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object (System), and then select Model Object.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, under Action Level Permissions, turn the Execute switch on to allow, or off to disallow, each of the following actions.
-
Add: Allows the role to add object models.
-
Read: Allows the role to view object models.
-
Modify: Allows the role to change the object definition for the Model object.
-
Search: Allows the role to search for specific object models.
-
Update: Allows the role to edit object models.
-
-
If you selected Custom Access, under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Model object.
-
If you selected Custom Access, under Field Level Permissions, turn the Update switch on to allow the role to update, or off to disallow update access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Model object.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions.
-
Optional. If you want to allow a role to edit object models, complete the following substeps.
-
Optional. To define permissions for portal pages that use data from the Model object, complete the following substeps.
Field level permissions for the Model object
The Access Control List (ACL) allows you to customize the level of access users have to the fields within the Model object.
The list of fields is populated from the list of attributes in the Model object. The following permissions can be modified for each field.
-
Read: allows or disallows read access.
-
Update: allows or disallows editing.
When modifying field level permissions, keep in mind that some fields are required for specific actions.
The following fields are available for the Model object.
Name
The name of the object model.
Full access to this field is required when adding or editing a model.
Layout
The position of the objects on the model canvas.
Full access to this field is required when adding or editing a model.
Modelid
The ID assigned to a model.
Full access to this field is required when adding or editing a model.
Createdby
The userid of the user who created the model.
Full access to this field is required when adding or editing a model.
Updatedby
The userid of the user who last updated the model.
Full access to this field is required when adding or editing a model.
Whencreated
The date and time a model was created.
Full access to this field is required when adding a model.
Whenupdated
The date and time a model was updated.
Full access to this field is required when adding or editing a model.
Define permissions for Model Object References
The Model Object Reference object contains data for the objects and models in your tenant. The Access Control List allows you to define permissions for the Model Object Reference object. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
Important:The Authenticated User role has read access to the Model Object Reference object by default. DSI highly recommends that you do not revoke this access.
To define permissions for the Model Object Reference object, complete the following steps in the portal.-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object (System), and then select Model Object Reference.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, under Action Level Permissions, turn the Execute switch on to allow, or off to disallow, each of the following actions.
-
Add: Allows the role to add objects and models.
-
Read: Allows the role to view objects and models.
-
Modify: Allows the role to change the object definition for the Model Object Reference object.
-
Search: Allows the role to search for specific objects and models.
-
Update: Allows the role to edit objects and models.
-
-
If you selected Custom Access, under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Model Object Reference object.
-
If you selected Custom Access, under Field Level Permissions, turn the Update switch on to allow the role to update, or off to disallow update access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Model Object Reference object.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions.
-
Optional. If you want to allow a role to edit object models, complete the following substeps.
-
Optional. To define permissions for portal pages that use data from the User object, complete the following substeps.
Field level permissions for the Model Object Reference object
The Access Control List (ACL) allows you to customize the level of access users have to the fields within the Model Object Reference object.
The list of fields is populated from the list of attributes in the Model Object Reference object. The following permissions can be modified for each field.
-
Read: allows or disallows read access.
-
Update: allows or disallows editing.
When modifying field level permissions, keep in mind that some fields are required for specific actions.
The following fields are available for the Model Object Reference object.
Modelid
The ID of the model that references the Model Object Reference object.
Full access to this field is required when adding or editing an object or model.
Objectid
The ID of the object that references the model object.
Full access to this field is required when adding or editing an object or model.
Createdby
The userid of the user who created the model object reference.
Full access to this field is required when adding or editing an object or model.
Updatedby
The userid of the user who last updated the model object reference.
Full access to this field is required when adding or editing an object or model.
Whencreated
The date and time a model object reference was created.
Full access to this field is required when adding an object or model.
Whenupdated
The date and time a model object reference was updated.
Full access to this field is required when adding or editing an object or model.
Define permissions for the Definition object
The Definition object contains data for the object definitions in your tenant. The Access Control List allows you to define permissions for the Definition object. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
Important:The Authenticated User role has read access to the Definition object by default. DSI highly recommends that you do not revoke this access.
To define permissions for the Definition object, complete the following steps in the portal.-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object (System), and then select Definition Object.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, under Action Level Permissions, turn the Execute switch on to allow, or off to disallow, each of the following actions.
-
Add: Allows the role to add object definitions.
-
Read: Allows the role to view object definitions.
-
Modify: Allows the role to change the object definition for the Definition object.
-
Search: Allows the role to search for specific object definitions.
-
Update: Allows the role to edit object definitions.
-
-
If you selected Custom Access, under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Definition object.
-
If you selected Custom Access, under Field Level Permissions, turn the Update switch on to allow the role to update, or off to disallow update access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Definition object.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions.
-
Optional. If you want to allow a role to edit object models, complete the following substeps.
-
Optional. To define permissions for portal pages that use data from the Definition object, complete the following substeps.
Field level permissions for the Definition object
The Access Control List (ACL) allows you to customize the level of access users have to the fields within the Definition object.
The list of fields is populated from the list of attributes in the Definition object. The following permissions can be modified for each field.
-
Read: allows or disallows read access.
-
Update: allows or disallows editing.
When modifying field level permissions, keep in mind that some fields are required for specific actions.
The following fields are available for the Definition object.
Status
Specifies whether the current object definition is published.
Full access to this field is required when adding or editing a definition.
Objectid
The ID of the object to which the definition belongs.
Full access to this field is required when adding or editing a definition.
Createdby
The userid of the user who created the definition.
Full access to this field is required when adding or editing a definition.
Updatedby
The userid of the user who last updated the definition.
Full access to this field is required when adding or editing a definition.
Definition
The object definition.
Full access to this field is required when adding or editing a definition.
Whencreated
The date and time a definition was created.
Full access to this field is required when adding a definition.
Whenupdated
The date and time a definition was updated.
Full access to this field is required when adding or editing a definition.
Pendingdefinition
Stores an object definition that has been saved, but not published.
Full access to this field is required when adding or editing a definition.
Define permissions for the Object Relationships object
The Object Relationships object contains data for the object relationships in your tenant. The Access Control List allows you to define permissions for the Object Relationships object. Modifying permissions for an object allows you to grant access to actions that affect the object, which can be executed from API calls or portal pages. You can grant a role full access, custom access, or no access to the object. You can also customize the level of access users have to the actions and fields within the object. The TenantAdministrator role has full access to all objects.
Important:The Authenticated User role has read access to the Object Relationships object by default. DSI highly recommends that you do not revoke this access.
To define permissions for the Object Relationships object, complete the following steps in the portal.-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Object (System), and then select Object Relationship.Step InformationResult: The list of roles displays, along with each role's access to the object.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the object, select Full Access.Note:This allows all users within the role to use API calls to add, read, modify, search, and update the object itself, and all fields within the object.
-
To prevent the role from being able to view the object, select No Access.
-
To customize the level of access the role will have to the object, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions. -
-
If you selected Custom Access, under Action Level Permissions, turn the Execute switch on to allow, or off to disallow, each of the following actions.
-
Add: Allows the role to add object relationships.
-
Read: Allows the role to view object relationships.
-
Modify: Allows the role to change the object definition for the Object Relationships object.
-
Search: Allows the role to search for specific object relationships.
-
Update: Allows the role to edit object relationships.
-
-
If you selected Custom Access, under Field Level Permissions, turn the Read switch on to allow read access, or off to disallow read access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Object Relationship object.
-
If you selected Custom Access, under Field Level Permissions, turn the Update switch on to allow the role to update, or off to disallow update access, for each of the fields.Step InformationNote: Some fields are required for specific actions. For more information about the available fields, refer to Field level permissions for the Object Relationship object.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the object permissions were successfully updated. If the role has access to any portal pages that use data from the object, the pages inherit the new permissions.
-
Optional. If you want to allow a role to edit object models, complete the following substeps.
-
Optional. To define permissions for portal pages that use data from the Object Relationships object, complete the following substeps.
Field level permissions for the Object Relationship object
The Access Control List (ACL) allows you to customize the level of access users have to the fields within the Object Relationship object.
The list of fields is populated from the list of attributes in the Object Relationship object. The following permissions can be modified for each field.
-
Read: allows or disallows read access.
-
Update: allows or disallows editing.
When modifying field level permissions, keep in mind that some fields are required for specific actions.
The following fields are available for the Object Relationship object.
Name
The name of the object relationship.
Full access to this field is required when adding or editing a object relationship.
Createdby
The userid of the user who created the object relationship.
Full access to this field is required when adding or editing a object relationship.
Join1type
The type of relationship for the first object.
Full access to this field is required when adding or editing a object relationship.
Join2type
The type of relationship for the second object.
Full access to this field is required when adding or editing a object relationship.
Keyfield1
The key associated with the first object.
Full access to this field is required when adding or editing a object relationship.
Keyfield2
The key associated with the second object.
Full access to this field is required when adding or editing a object relationship.
Object1id
The ID of the first object.
Full access to this field is required when adding or editing a object relationship.
Object2id
The ID of the second object.
Full access to this field is required when adding or editing a object relationship.
Updatedby
The userid of the user who last updated the object relationship.
Full access to this field is required when adding or editing a object relationship.
Visibility1
The visibility type of the first object.
Full access to this field is required when adding or editing a object relationship.
Visibility2
The visibility type of the second object.
Full access to this field is required when adding or editing a object relationship.
Whencreated
The date and time a object relationship was created.
Full access to this field is required when adding a object relationship.
Whenupdated
The date and time a object relationship was updated.
Full access to this field is required when adding or editing a object relationship.
Collection1name
The name of the collection to which the first object belongs.
Full access to this field is required when adding or editing a object relationship.
Collection2name
The name of the collection to which the second object belongs.
Full access to this field is required when adding or editing a object relationship.
Objectrelationshipid
The ID assigned to an object relationship.
Full access to this field is required when adding or editing a object relationship.
Define permissions for the Objects page securable
The Access Control List allows you to modify a role's permissions to the Objects page securable. This defines the role's level of access to the Objects page on the portal. This only controls access to the page itself. Access to the data within the page is inherited from the the Model Object, the Model Object Reference object, the Definition Object, and the Object Relationship object. You can grant a role full access, custom access, or no access to the Objects page securable. The TenantAdministrator role has full access to all objects.
Prerequisites:
-
If you want to allow users to view or edit the Objects page, you must also grant permissions for any parent pages in the menu structure. For example, if the Objects page is nested under Development Studio, you must Define permissions for the Development page securable.
To define permissions for the Objects page securable, complete the following steps in the portal.
-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Page (System), and then select Objects Page Securable.Step InformationResult: The list of roles displays, along with each role's access to the page.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the page, select Full Access.
-
To prevent the role from being able to view the page, select No Access.
-
To customize the level of access the role will have to the page, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the page permissions were successfully updated. -
-
If you selected Custom Access, under Top Level Permissions, for Page, turn the View switch on to allow read access to the page, or off to disallow read access.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the page permissions were successfully updated.
Define permissions for the Object page securable
The Access Control List allows you to modify a role's permissions to the Object page securable. This defines the role's level of access to the Object page on the portal. This only controls access to the page itself. Access to the data within the page is inherited from the the Model Object, the Model Object Reference object, the Definition Object, and the Object Relationship object. You can grant a role full access, custom access, or no access to the Object page securable. The TenantAdministrator role has full access to all objects.
Prerequisites:
-
If you want to allow users to view or edit the Objects page, you must also grant permissions for any parent pages in the menu structure. For example, if the Objects page is nested under Development Studio > Objects, you must Define permissions for the Development page securable and Define permissions for the Objects page securable.
To define permissions for the Object page securable, complete the following steps in the portal.
-
Go to the ACL page.Step InformationNote:The default location for the ACL page is Configuration > ACL. If the menu items for your tenant have been customized, it may be located elsewhere. For more information, contact your tenant administrator.
-
In the list, expand Page (System), and then select Object Page Securable.Step InformationResult: The list of roles displays, along with each role's access to the page.
-
Select a role from the list, and then select Modify.
-
In the context menu, select one of the following options.
-
To allow the role full access to the page, select Full Access.
-
To prevent the role from being able to view the page, select No Access.
-
To customize the level of access the role will have to the page, select Custom Access.
Expected ResultResult: If you selected Full Access or No Access, a "Permissions Applied" message displays, indicating that the page permissions were successfully updated. -
-
If you selected Custom Access, under Top Level Permissions, for Page, turn the View switch on to allow read access to the page, or off to disallow read access.
-
If you selected Custom Access, select Apply Permissions.Expected ResultResult: A "Permissions Applied" message displays, indicating that the page permissions were successfully updated.
Loading...
There was a problem loading this topic