Manage Object Access

You can configure object access to help protect the integrity of the data, prevent users from performing unauthorized tasks, and provide users with only the information appropriate for their job functions. You can configure object access in the following ways:
casm171
You can configure object access to help protect the integrity of the data, prevent users from performing unauthorized tasks, and provide users with only the information appropriate for their job functions. You can configure object access in the following ways:
  • Hide an object to prevent users from seeing a particular area of the page for the object.
    For example, you do not want a user to be able to see pricing information for models. Therefore, you hide the Parts and Pricing area of the Models page.
  • Make an object appear when users should be able to see a particular object.
    For example, you want a user to be able to see pricing information for models. Therefore, you make the Parts and Pricing area of the Models page appear.
  • Make an object read-only when users should be able to see, but not change the information about a particular object.
    For example, you want a user to be able to see, but not change, pricing information for models. Therefore, you make the Parts and Pricing area of the Models page read-only.
  • Make an object accessible when users should be able to see and change the information about a particular object.
    For example, you want a user to be able to see, and edit, pricing information for models. Therefore, you make the Parts and Pricing area of the Models page accessible.
  • Grant permission to users to secure objects.
Combine object access and field configuration to enforce more granular levels of access.
Follow these steps:
  1. Click the tab and optional subtab for the object that you want to configure. On the left, click CONFIGURE: ON.
    The configuration of the page is enabled.
    In the Configuration Information area of the page, complete the following steps:
    1. Specify the information for the new global or local configuration, or select an existing configuration that you want to change.
    2. (Optional) In the Object drop-down list, select the part of the object that you want to configure. Any permission changes you make (for example, deny permissions to move a field) apply only to that part of the object.
      For example, when configuring a legal document, you select Legaldoc Status History in the Object drop-down list. You deny permissions to move fields for that part of the object (the status history). The permission changes apply only to the status history part of the object, and not to the other parts of the object.
    Global configuration changes affect all users, regardless of their role. Local configuration changes only affect users in the roles assigned to the selected configuration.
  2. To hide an object, complete the following steps:
    1. On the right, next to the title for the area of the page (for example, Models page, Parts and Pricing) click the Access Granted icon.
      The Access Denied icon appears for the object.
    2. Click Save Configuration.
      When you assign a configuration to a role, users in the role cannot see the object information.
  3. To make an object appear, complete the following steps:
    1. If access is already denied for the object, click the Access Denied icon on the right, next to the title for the area of the page (for example, Models page, Parts and Pricing).
      The Access Granted icon appears for the object.
    2. Click Save Configuration.
      When you assign a configuration to a role, users in the role can see the object information.
  4. To make an object read-only, complete the following steps:
    1. On the right, next to the title for the area of the page (for example, Models page, Parts and Pricing) click the Editable icon.
      The Read Only icon appears for the object.
    2. Click Save Configuration.
      When you assign a configuration to a role, users in the role can see, but not change the object information.
  5. To make an object accessible, complete the following steps:
    1. If the object is already read-only, click the Read Only icon on the right, next to the title for the area of the page (for example, Models page, Parts and Pricing).
      The Editable icon appears for the object.
    2. Click Save Configuration.
      When you assign a configuration to a role, users in the role can access the object information.
Grant Permissions to Secure Objects
You can grant permissions to users so they can configure the user interface and hide objects, make objects appear, make objects read-only, and make objects accessible.
Follow these steps:
  1. Click the tab and optional subtab for the object that you want to configure.
  2. On the left, click CONFIGURE: ON to enable the configuration of the page.
  3. In the Configuration Information area of the page, specify the information for the new global or local configuration, or select an existing configuration that you want to change.
    Global configuration changes affect all users, regardless of their role. Local configuration changes only affect users in the roles assigned to the selected configuration.
  4. In the Permissions area of the page, move Secure (Read-Only And Access)to the Granted Permissions list.
  5. (Optional) Select the Inherit Permissions from Parent Object check box to apply any security permissions from a top-level (parent) object to the lower-level (child) object using the same configuration.
    For example, you create a local configuration for an Organization. In the configuration, you deny permissions to change field labels, move fields, make fields required, and hide fields. After you save the configuration, you open Attachments under Organization and select the Inherit Permissions from Parent Object check box. All permissions from the Organization are applied to Attachments. In this example, because permissions to change field labels, move fields, make fields required, and hide fields are applied to the Organization, the permissions are also applied to the Attachment.
  6. Click Save Configuration.
    When you assign a configuration to a role, users in the role have permissions to hide objects, make objects appear, make objects read-only, and make objects accessible.