...
Operation | User without any role | User with ops_service_role | User with ops_user_admin or ops_admin role |
---|---|---|---|
Read | Read its own record (details). Read its own Role, Permissions, and Member of Groups (group membership), | Read any user record. | Create/update/read/delete any fields or any related data. |
Update | Update a subset of fields of its own record. Cannot update any related data. | Update a subset of fields of its own record. Cannot update any related data. | |
Create | No permission to create a user. | No permission to create a user. | |
Delete | No permission to delete a user. | No permission to delete a user. |
...
Property | UI Field Name | Description | Specifications | Required | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
allGroups | Member of Any Business Service or Unassigned | Specification for whether or not this permission applies both to records that belong to any Business Service and to records that do not belong to any Business Service. | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
commands | Commands | Commands that are associated with each permission. | Valid values: see #Command Permissions, below. | N | ||||||||||
defaultGroup | Unassigned to Business Service | Specification for whether or not this permission applies to records that do not belong to any Business Service. | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
nameWildcard | Name | Specification to apply this permission to records whose name matches the string specified here. | Wildcards (*'s) can be used. | Y | ||||||||||
opCreate | Create | Allows the user to create records of the specified | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
opDelete | Delete | Allows the user to delete records of the specified | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
opExecute | Execute | Allows the user to execute records of the specified | Boolean. Valid Values: true/false. Default is false. If the Strict Connection Execute Constraints Universal Controller system property is true: | N | ||||||||||
opRead | Read | Allows the user to read records of the specified | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
opUpdate | Update | Allows the user to update records of the specified | Boolean. Valid Values: true/false. Default is false. | N | ||||||||||
opswiseGroups | Member of Business Services | Applies this permission to records that are members of the selected Business Service(s).
| N | |||||||||||
permissionType | Type | Type of permission for this user. | Valid values: | Y | ||||||||||
sysId | n/a | System ID field in the database for a record. | Persisted only if retainSysIds is set to true. | N |
...