This appendix contains these topics:
In this appendix you can review the IBM Help information for Authorization Lists and the different Object Authorities that can be assigned to each user profile.
For Field Level Masking purposes, wherever object is referenced, substitute it for the word field.
The authority that the user has to an object.
Several different system-defined object authority levels may be assigned to users. The following table describes the object authority levels.
| Authority Level | Explanation |
|---|---|
| *ALL | Allows all operations on the object except those that are limited to the owner or controlled by authorization list management authority. |
| *CHANGE | Allows all operations on the object except those that are limited to the owner or controlled by object existence authority, object alter authority, object reference authority, and object management authority. |
| *EXCLUDE | All operations on the object are prohibited. |
| *USE | Allows access to the object attributes and use of the object. The user cannot change the object. |
Both *ALL and *CHANGE rights allow users to view and change the field without masking applied.
*USE rights allow users to view the field without masking applied, but not the ability to change the field value.
*EXCLUDE rights prevent users from both viewing and changing the masked field.
Oracle JD Edwards World recommends using *CHANGE, *USE, and *EXCLUDE rights on the Authorization Lists, as those values are easily identifiable and self-explanatory.