Enabling discovery features for access control policies
Access control policies support discovery features that allow users to view limited, customizable information about class instances that fail Read policies but satisfy Discover policies. To enable these features for users, the pyIsDiscoveryEnabledForOperator Access When rule must evaluate to true. You can enable discovery features for all users of an application, or for particular operators.
Follow these steps to enable discovery for all operators.
- In the navigation panel, click .
- In the When Name column header, click the Filter icon and search for pyIsDiscoveryEnabledForOperator.
- Open the pyIsDiscoveryEnabledForOperator Access When rule that is displayed by clicking it.
- On the Conditions tab, double-click the condition.
- In the Condition dialog box, change the comparator to the equal sign (=), and click Submit.
- Save your changes.
- Creating an access control policy
In the access control policy rule form, you define a policy that grants access to an object by evaluating selected conditions. For each rule, you can set one level of access, such as read, update, or delete, and the condition that defines whether the access is granted.
- Adding a Discovery gadget to a customized user interface
A Discovery gadget enables users to view limited information about selected cases that they do not have Read authority to access. You can include the section rule for a Discovery gadget in any section of your user interface, such as in the layout of a customized search gadget, or above a list control that is populated by a report definition.
- Discovery features for access control policies
Access control policies support discovery features that allow users to view limited, customizable information about class instances that fail read policies but satisfy discover policies. Users cannot open or interact with the discoverable instances, but they can see that the instances exist and they can evaluate whether they might need access to certain instances.