Back Forward Access of Role to Object form
Completing the Privileges tab
  1. About 
  2. New 
  3. Security 
  4. Privileges 
  5. Settings 
  6. History 
  7. More... 

Complete this optional array to associate one or more privileges and a production level with this Access of Role to Object rule.

By listing a privilege here, you grant privileges to those users (or other requestors) who hold the access role that is the first key part of this rule, as they work with instances of the class that is the second key part, on a system that has a specific production level (or lower).

In contrast, privileges you associate with rules of other rule types are requirements to be matched against the privileges granted this requestor. You can associate privilege requirements with:

  • Activities
  • Correspondence rules
  • Decision tables
  • Flows
  • Flow actions
  • List view rules
  • Summary view rules
  • Report definition rules

For these rules, enter a privilege name on the rule form.  Unlike privilege entries associated with permissions for a role, these privilege entries do not include an associated level.  Instead, they are used for a simple text name comparison.

When a privilege is added to a rule, it may be checked at runtime against a different class, such as when opening a work item (which inherits from Work-) from a flow. For example, the privilege ActionApprove has been added as a requirement to run rules opened by the flow rule New in the Applies To class ExemplarOrg-FW-ExemplarAppFW-Work

The privilege on the flow form is applied to the class of a work item opened by the flow. However, if the flow then opens an instance of a different class which does not inherit from Work-, such as Rule-Admin-Skill, the Applies To class of the Rule-Access-Privilege rule must match the Applies To class of the Rule-Admin-Skill rule, not the class of the calling flow. The privilege is NOT required to run the flow, but rather to open any items which share the privilege’s Applies To class

You can enter any number of privileges into this array. Order is not significant.

Field

Description
Privilege

SmartPromptOptional. Identify a privilege. Enter the second key part of a Rule-Access-Privilege rule for which the Applies To key part is the same as the Access Class key part of this rule.
Level

Optional. Identify a production level between 0 and 5, or the literal value L: followed by the When Name key part of an Access When rule name.

If you enter a number, at runtime the system compares this level with the production level of the current system (recorded in the System data instance).

If you enter a name, the system uses the Access Class key part of this Access of Role to Object rule to find the Access When rule.

Enter 0 or leave blank to provide no access.

The privilege is granted only if the Access When evaluates at runtime to true, or the numeric value here is greater than or equal to the production level value.

Up About Access of Role to Object rules