Previous | Next | Contents | Index | Library |
For example, to allow a hypothetical user, Sue, in the ADMIN responsibility to see rows containing a CUSTOMER_ID value of 1000, assign the securing attribute of CUSTOMER_ID to the ADMIN responsibility. Then give Sue a security attribute CUSTOMER_ID value of 1000.
When Sue logs into the Admin responsibility the only customer data she will have access to will have a CUSTOMER_ID value of 1000.
See: Users Window and Responsibilities Window.
For example, if for security reasons you did not want the hypothetical user Sue in the ADMIN responsibility to see data in the CONTACT_NAME column, you would assign her the excluding attribute CONTACT_NAME to the ADMIN responsibility. No users with the ADMIN responsibility can see CONTACT_NAME information.
See: Responsibilities Window.
You may designate a user as an employee, supplier, and / or customer. This automatically assigns a contact ID value to this user for appropriate securing attributes as follows:
Contact | ID |
---|---|
Customer Contact | ICX_CUSTOMER_CONTACT_ID |
Internal Contact | ICX_HR_PERSON_ID |
Supplier Contact | ICX_SUPPLIER_CONTACT_ID |
In addition, the following securing attributes are seeded:
Contact | ID |
---|---|
Customer | ICX_CUSTOMER_ORG_ID |
Organization | ICX_HRG_ORG_ID |
Supplier | ICX_SUPPLIER_ORG_ID |
Customer Site | ICX_CUSTOMER_SITE_ID |
Internal Site (location) | ICX_HR_SITE_ID |
Supplier Site | ICX_SUPPLIER_SITE_ID |
Responsibility | Securing Attributes | Excluding Attributes |
---|---|---|
Credit Cards | ICX_HR_PERSON_ID | |
EDI Transmissions (by Customer Site) | ICX_CUSTOMER_SITE_ID | |
Partner Information (by Customer) | ICX_CUSTOMER_ORG_ID | |
Payments and Credits (by Customer) | ICX_CUSTOMER_ORG_ID | |
Products and Orders (by Customer Contact) | ICX_CUSTOMER_CONTACT_ID | |
Project Information (by Customer Contact) | ICX_CUSTOMER_CONTACT_ID, ICX_CUSTOMER_ORG_ID | |
Project Management (by Employee) | ICX_INTERNAL_CONTACT_ID | |
Requisitions by Preparer | PREPARER_ID | |
Requisitions by Requester | ICX_HR_PERSON_ID, TO_PERSON_ID | |
Salesperson Services (by Employee) | ICX_INTERNAL_CONTACT_ID | |
Service and Support (Full Access) | CS_PUBLIC_COMMENT | |
Service and Support (by Customer Contact) | ICX_CUSTOMER_CONTACT_ID | CS_COMMENT |
Service and Support (by Customer) | ICX_CUSTOMER_ORG_ID | CS_COMMENT |
Supplier Services (by Supplier Site) | ICX_LEVEL_ALTERED, ICX_SUPPLIER_SITE_ID | ICX_SUPPLIER, ICX_SUPPSITE |
Supplier Services (by Supplier) | ICX_LEVEL_ALTERED, ICX_SUPPLIER_ORG_ID | ICX_SUPPLIER, ICX_SUPSITE |
Supplier Services | ICX_LEVEL_ALTERED | ICX_SUPPLIER, ICX_SUPSITE |
Table 1 - 1. (Page 2 of 2) |
If there are securing attributes assigned at the responsibility level that exactly match those at the region level, securing attribute values are checked at the user level.
If there are no securing attributes assigned at the user level that match, no data is returned. If there are securing attributes assigned at the user level that match, data is returned to the user, but only if the user's securing attribute values exactly match the values of the returned data.
Excluded attributes assigned at the responsibility level prevent data being returned for these attributes.
For example, assume that Sue has the following attribute values:
Securing Attribute | Value |
---|---|
CUSTOMER_ID | 1000 |
SITE_ID | 123 |
SITE_ID | 345 |
SITE_ID | 567 |
CONTACT_ID | 9876 |
Table 1 - 2. |
Assume that Sue requests data for CUSTOMER_ID, SITE_ID, or CONTACT_ID, and these attributes are defined in Web Applications Dictionary and for the Customer responsibility. For any rows of data with these attributes, Sue's securing attribute values are checked for exact matches.
In this case, any rows with a CUSTOMER_ID of 1000; SITE_ID of 123, 345, or 567; and CONTACT_ID of 9876 are returned.
Previous | Next | Contents | Index | Library |