Creating an access control policy

In the Access Control Policy rule form, you define a policy that grants access to an object by evaluating selected conditions.

To view the Access Control Policy, you must have the pzCanManageSecurityPolicies privilege.

You can create policies only for Work-, Data- and Assign- classes.

1. Click Records > Security > Access Control Policy.
2. Click +Create.
3. In the Label field, enter the policy name.
4. In the Action list, select one of the actions:
   • Read – The user can open a case that meets the policy conditions or view data for the case in lists, reports, searches, and others.
   • Update – The user can create a case that meets the policy conditions or update data for such a case.
   • Discover – The user can see limited information (defined by a developer) about a case that does not meet Read policy conditions but does satisfy the Discover policy conditions.
   • Delete – The user can delete a case that meets the policy conditions.
   • PropertyRead - The user has restricted visibility to property values that includes the property values with read and update access.
5. In the Context section in the Apply to field, enter a class.
6. In the Add to ruleset field, select a ruleset.
7. Click Create and open.
8. On the Definition tab, select the Disallow creation of a policy with the same name at a descendant class check box to prevent overriding the policy in a descendant class.
9. In the Permit access if field, enter the condition rule name.
10. Click Save.

Open topic with navigation