Using access lists for users to objects

Access lists enable you to set up security for objects and details for specific users, roles, and groups. Objects include formulas, items, and programs. Access lists provide a finer level of control than the standard group and role security.

With access lists, you can assign security on an individual user basis. The dynamic nature of the list is also an advantage. Changes can be made often to the access list, without the necessity of opening up an Optiva form for each object, user, and role. These changes can be made manually through the Access Control List form or through a workflow script.

• You can choose an object instance and define the security for all users, roles, and groups for that object and its details.

  or

• You can choose a specific user, role, or group and define the security for specific objects and details for the users, roles, or groups.

When the user attempts to perform an action, Optiva determines if the action is allowed. Both access lists and other security settings, such as the form, are checked.

ACL security only takes effect if the user does not have access to the record. The highest security number (i.e., the most access) prevails if there is more than one ACL security setting. For example:

• The security level for the object is 0 (i.e., no access) for the user/group/role.
• ACL by User security for all details in the object is 7 (i.e., Read/Copy/Write).
• ACL by User security for the Item Lines details in the object is 15 (i.e., Read/Copy/Write/Delete).

In this example, the user can modify all details and delete item lines for the object.