Access Restrictions for Jet Pages

Access to all UI pages is protected by access restrictions of type Function. Each page is represented by an access restriction of type function. So a user can only access pages he has been granted access to via one of his roles. Function access is granted on the level of a page. It is not possible to give access to certain parts of a page. For example, when the user has access to the persons page, he can search for persons, he can access all parts of that a view and edit person page like person data, person addresses, person bank accounts and so on.

A user can be granted Retrieve access to a page, and optionally also Create, Update, and/or Delete access. Create access means that new records (objects and its details) can be added. Delete access means that records can be deleted. Dynamic fields and multi-select drop down lists are considered attributes of an entity, if the user has Update access to the page he can add/remove/update such attributes even if he does not have Create or Delete access.

Menu options to which the user does not have access, are not shown. On a page to which the user has access, add /delete / save buttons are hidden if the user does not have access rights for that operation. If the user does not have update access, fields are displayed as read-only.

The pages uses HTTP API resources and Integration points (generic/specific) to perform DMLs and therefore, appropriate grants to GET (to view), POST (to create), PUT (to update), PATCH (to update), DELETE (to delete) operations must be granted on the resource, operations, sub resources and linked resource.

Whenever a page access is provided to a user, access to required IP/API is automatically granted. However, exception to the rules are IP/API that allow user to perform certain restricted operations, for example, build a Product or change the status of Product from Approved to Edit.

The following table provides details on pages that require additional API/IP access to perform special operations - function code - API/IP access required

Table 1. Access Restrictions for Jet Pages
Page Function Access Restricted Access Restrictions

Product Search
Product View and Edit

PR0014

  • To access Validate product, user must have access to "product.validate IP" and update access to PR0014

  • To access Build product, user must have access to "product.build IP" and update access to PR0014

  • To access operation Edit product, user must have access to "product.edit IP" and update access to PR0014

  • To access operation Test product, user must have access to "product.test IP" and update access to PR0014

  • To access operation Approve product, user must have access to "product.approve IP" and update access to PR0014