Managing UDO Action Security

Set up action security for a user, role, or *PUBLIC (all users) to determine the actions users can perform when using a UDO feature. UDO action security is set up by UDO feature.

Important: You must activate the UDO feature in EnterpriseOne before setting up UDO action security. See Managing UDO Feature Security.

The following list describes the actions you can allow users to perform:

Create. Enables users to create user defined objects for personal use. Without this permission, users can only use shared UDOs to which they have been granted access through UDO view security.
Create and Publish. Enables users to create and "Request to Publish" UDOs to share UDOs with other users. "Create and Publish" security inherits the "Create" permission.
With this permission, a user can select the "Request to Publish" button to share a UDO. However, the UDO must be approved before it can be shared with other users. For more information on how to approve UDOs in P98220U, see the JD Edwards EnterpriseOne Tools Using and Approving User Defined Objects Guide.
Modify. Enables users to modify shared UDOs. "Modify" action security inherits "Create" and "Create and Publish" permissions.

When setting up UDO action security, remember that application security supersedes UDO action security. That is, users can only work with UDOs in applications to which they have been granted access through Security Workbench application security.

UDO action security records can be set up for a particular application, form, or application version. Or you can use *ALL (all objects) to apply action security to all applications, forms, application version in which the UDO feature exists. You also have the option to apply UDO action security to a particular EnterpriseOne product code or reporting code.

Important: If you add, modify, or delete action security, users must clear the cache in their browser for the changes to take effect.

To set up UDO Action security:

On Work With User/Role Security in the Security Workbench (P00950), select the Form menu, User Defined Object, Action.
On Work With User Defined Object Action Security, click the Add button.
On User Defined Object Action Security, click the search button in the Object Type field and select a UDO type.
Note: You can ignore the DATABROWSE option. This option is for setting up Data Browser security. For more information, see Adding Data Browser Security through the UDO View Security Form (Alternative Method) in this guide.
In a row in the grid, complete the following fields to create a security record for the selected UDO type:
Note: In each cell, you can click the search button to search for specific values. The search form displays only the objects that make use of the UDO feature.
- User/Role. Enter a specific user, role, or *PUBLIC (for all users).
- App/Object Name. Enter the application ID of the application to which you want to apply the UDO action security. Enter *ALL to authorize the user to perform actions in any application in which the UDO feature appears.
- Form Name. Enter a form ID if you want the security to apply to a specific form in the application. Or you can enter *ALL for all forms.
- Version. Enter a version if you want the security to apply to a specific version of the application. Or you can enter *ALL for all versions.
- Product Code and Reporting Code. If you entered a specific application, form, or version, these fields automatically change to *ALL (all product codes or all reporting codes) and you cannot modify them. If you entered *ALL for the application, form, and version, you can enter a specific product or reporting code to which you want to apply security. You can enter *ALL for all product codes.
- Access Level. Click the drop-down menu to select one of the following action security levels:
  - Create
  - Create and Publish
  - Create, Publish, Modify
  - Disable Create, Publish, and Modify
    Use this last option to expedite the creation of UDO action security records. For example, if you want to authorize all but two members of a role to "create, publish, and modify" UDOs, you create one record for the role authorizing "Create, Publish, Modify;" and then create two records using this "Disable Create, Publish, and Modify" option to prevent the two users from creating UDOs.
As an alternative to using the Access Level drop-down menu, you can click the icons in the Create, Publish, or Modify columns to activate or deactivate the action security level. A green circle indicates the action is active, a red square indicates the action is inactive.
When using the icons to select the security level, the security level is reflected in the Access Level column in the grid.
Click the Save button to save the record.

To modify UDO action security:

In Security Workbench, select the Form menu, User Defined Object, Action.
On Work With User Defined Object Action Security, click the Find button to access Action security records. You can refine the search by using filter fields in the header row of the grid.
Click the icons in the following columns to modify the UDO action security:
- Create
- Publish
- Modify
  The Access Level field in the row will change to reflect the modified action security.
  Also, a warning appears reminding you to clear the security cache for the changes to take effect.

To delete UDO action security:

In Security Workbench, select the Form menu, User Defined Object, Action.
On Work With User Defined Object Action Security, click the Find button to access Action security records. You can refine the search using the filter fields in the header row of the grid.
Click the check box next to the records you want to delete and then click the Delete button.
Note: To disable UDO action security, you do not have to delete the UDO action security record. Instead, you can disable the security record by making it inactive. This enables you to save the record in case you choose to make it active again at another time.