About the Access As identifier
One key element of the Mongoose security and authorization structure is the "Access As" identifier. This identifier indicates ownership and modification rights for most Intelligent Data Objects (IDOs) and other metadata. It is used similarly to control objects used by the Application Event System (AES).
Among other things, the Access As identifier indicates who (that is, what organization) created and owns an IDO, an AES event, or other related event system object. It also prevents unauthorized developers from modifying or deleting system metadata or objects that they do not own.
Generally, the Access As identifier falls into one of three groups:
- Core: Indicates that the object is one that Infor created and owns.
- OtherName: Typically, indicates that the object was created by and belongs to one of Infor’s business partners or other authorized vendors.
- [Blank]: Indicates that the object was created by and belongs to an end customer.
Within any Mongoose-based application, several forms include an Access As field. On the Access As form, this field indicates the current Access As identifier value. This is the value assigned to any new system objects you create. On all other forms, this field indicates who has ownership of the pertinent object metadata; in other words, who created and owns it.
You can only modify or delete metadata for system objects that have the same value as on the Access As form—in other words, system objects and metadata that your organization has created and owns.
With a few exceptions (noted where applicable), you can attach your own event triggers and event handlers to event system objects owned by other organizations (that is, with a different Access As identifier than yours); but you cannot directly modify or delete those objects.