Action Level Security
When you grant a user group access to an application service, you must indicate the actions to which they have access.
- For application services that only query the database, there is a single action to which you must provide access - this is called Inquire.
- For application services that can modify the database, you must define the actions that the user may perform. At a minimum, most maintenance transactions support Add, Change, and Inquire actions. Additional actions are available depending on the application service's functions.
CAUTION: Important! If an
application service supports actions that modify the database
other than
Add,
Change, and
Delete; you must provide the user with
Change access in addition to the other
access rights. Consider a transaction that supports special
actions in addition to
Add,
Change, and
Inquire (e.g.,
Freeze,
Complete,
Cancel). If you want to give a user
access to any of these special actions, you must also give the
user access to the
Inquire and
Change actions.