Bookshelf Home | Contents | Index | Search | PDF |
Configuration Guidelines > Visibility >
Access Control
Visibility is controlled through three major mechanisms:
- Login, which determines the user's identity
- Responsibility, which determines the views available to the user
- Position, which controls the data available to the user
You can use access control to provide additional control. It is implemented through five different mechanisms:
- Personal Access Control
This mechanism allows you to associate individual data with the user's database record. Examples are My Service Requests or My Activities.
- Position-Based Access Control
This mechanism allows you to associate individual data to a position that is assigned to the user. A single position or multiple positions (such as a Sales Team) can be associated to the record. Other positions can access the data if their position is tied to the position through a hierarchy, such as a manager. It is usually better to work with positions instead of individuals, because reassigning a position is easier than reassigning an individual. Examples are My Accounts or My Team's Accounts.
- Organization-Based Access Control
This mechanism lets you further restrict access to a record by associating the record to an organization and then allowing access to only those active positions who belong to that organization. Examples are All Accounts or All Contacts. These views retrieve all the data for the organization of a user.
- All Access Control
This mechanism provides access to all records with a valid owner. The owner can be a person, a position, a valid primary sales team position, or an organization. All users with a view in their responsibilities that applies All access control see the same data in the view. An example is All Accounts Across Organizations.
- Access Group Access Control
This mechanism provides access to records where the user is associated with an access group if, during the current session, the user is associated with a position, organization, division, account, household, or user list that is a member of the access group. Access groups control master data only.
Bookshelf Home | Contents | Index | Search | PDF |
Configuration Guidelines Published: 18 April 2003 |