Framework Security Classes
Described below are the delivered security classes for the Landmark framework.
AdminstratorConsoleAccess_ST Security Class
Grants unconditional access to the Infor Landmark Administration Console. This includes access to the main Landmark Administration Console form as well as the various subforms that are accessible through it.
Specifically, it grants unconditional access to the following objects:
-
AdministratorConsole web application
-
admincon module
-
CdDelete business task
-
CdDeletePersonalization business task
-
CdExport business task
-
CdExportPersonalization business task
-
CdImport business task
-
CdImportList business task
-
CdVerify business task
-
ClearConfigurations business task
-
DbCount business task
-
DbExport business task
-
DbImport business task
-
DbUpdateLobs business task
-
DbVerify business task
-
DETExport business task
-
DETImport business task
-
ManageAsyncbusiness task
-
ScCopy business task
-
ScExport business task
-
ScImport business task
-
ScImportList business task
-
SpellDictMaint business task
-
SpellDictMaintDelete business task
AgentMgmtAccess_ST Security Class
Grants unconditional access to the following objects in a data area, needed to manage agents and their assignments to actors:
-
person module
-
Agent business class
-
ParentAgent business class
AppConfigurationAdminCdAccess_ST Security Class
Grants unconditional access to the subset of the Infor Landmark Administration Console that involves application configurations and personalizations.
Specifically, it grants unconditional access to the following objects:
-
AdministratorConsole web application
-
admincon module
-
CdDelete business task
-
CdDeletePersonalization business task
-
CdExport business task
-
CdExportPersonalization business task
-
CdImport business task
-
CdImportList business task
-
CdVerify business task
-
ClearConfigurations business task
AppConfigurationBasicCdAccess_ST Security Class
Grants unconditional access to the business tasks for verifying configurations and clearing the configuration caches in the Landmark Administration Console.
AsyncAdministratorAccess_ST
Grants the access required to suspend or resume async queues through the Infor Landmark Administration Console.
Specifically, it grants unconditional access to the following objects:
-
AdministratorConsole web application
-
AsyncWebApp web application
-
admincon module
-
async module
-
AsyncActionMisfire business class
-
AsyncActionRequest business class
-
AsyncActionTrigger business class
-
AsyncActionType business class
-
AsyncQueueDefinition business class
-
AsyncQueueMapping business class
-
Manage Async business task
BasicProductLineAccess_ST Security Class
Provides access to the basic system services for any user.
Grants unconditional access to the following objects in the data area:
-
async module
-
bi module
-
la module
-
person module
-
repository module
-
security module
-
ConfigurableHomePageTask business task
-
MessageProcessor business task
-
ScheduledDocumentStatusTask business task
-
SecurityProcessor business task
-
UserActionTask business task
-
AsyncQueueMapping business class
-
CheckPoint business class
-
DBSessionDebug business class
-
ProfileLog key field
-
SecurityCacheTimestamps business class
-
URLShortener business class
-
UserAction business class
-
UserField business class
-
UserFolder business class
-
UserFolderItem business class
-
UserForm business class
-
UserImageMap business class
-
UserList business class
-
UserMenu business class
-
UserPage business class
-
UserProd business class
-
MyActions web application
Grants inquiry and create access to the following objects in the data area:
-
EMailMessageAttachment business class
-
EMailMessageContent business class
-
EMailMessageQueue business class
-
LawsonClassicMessage business class
-
LawsonClassicMessageGroup business class
-
LawsonClassicMessageVariable business class
-
LawsonClassicMessageReference business class
-
LawsonClassicMessageField business class
-
M3Message business class
-
M3MessageGroup business class
-
M3MessageVariable business class
-
ProcessFlowFolder business class
-
ProcessFlowQueue business class
-
ProcessFlowVariable business class
-
ProcessFlowExecutor business task
Grants inquiry only access to the following objects in the data area:
-
Agent business class
-
AsyncActionType business class
-
AsyncQueueDefinition key field
-
BatchTask business class
-
BatchTaskStep business class
-
BusinessAction business class
-
BusinessField business class
-
BusinessForm business class
-
BusinessImageMap business class
-
BusinessList business class
-
BusinessMenu business class
-
BusinessPage business class
-
BusinessImageMapHotSpot business class
-
BusinessView business class
-
ConfigurationParameter business class
-
DataArea business class
-
InactiveImageMapHotSpot business class
-
KeyField business class
-
ParentAgent business class
-
ProductLine business class
-
SecurityQuestion business class
-
SpellingDictionary business class
Grants access for all actions to the current actor for the following object if the actor on the AsnycActionRequest matches the current actor:
-
AsyncActionRequest key field
Grants access for all actions to the current actor for the following object if the actor matches the roaming UI profile actor:
-
RoamingUIProfile business class
Grants inquiry only access to the current actor for the following object in the data area:
-
Actor business class
Grants inquiry access to the current actor if the actor matches the actor in the record.
-
ActorContext business class
Grants inquiry and update access for all ContextProperty objects flagged as user modifiable:
-
ContextProperty business class
Grants access for all actions to the current actor for the object if the actor matches the actor who created the object:
-
EffectiveDatedGroup key field
-
UserNotification key field
-
EnpPersonalObject key field
Grants create access to the following object in the data area:
-
ReportDocument key field
Grants inquiry access and allows a password change or reset when the person logged in matches the actor tied to that identity for the following object in the data area:
-
Identity business class
Grants all access when the person logged in matches the actor tied to that identity for the following object in the data area:
-
SecurityAnswer business class
BusinessClassComputeAccess_ST
Grants unconditional access for all actions to the following objects:
-
la module
-
BusinessClassCompute business class
-
BusinessClassComputeSubject business class
Grants unconditional access for all inquiries to the following objects:
-
repository module
-
BusinessSubject business class
BusinessClassGroupAccess_ST Security Class
Provides general access to business class groups.
Grants unconditional access to the following objects in the data area:
-
la module
-
BusinessClassGroup business class
-
BusinessClassGroupSubject business class
Grants inquiry only access to the following objects in the data area:
-
repository module
-
BusinessSubject business class
ConfigAdminAccess_ST Security Class
Provides access to the Configuration Console for modifying application UI components, mime types, and web services.
Specifically, it grants unconditional access to the following object in the data area:
-
security module
Grants inquiry access to the following objects in the data area:
-
RoleSecurityClass business class
-
SecurityClass business class
DataAreaAdminAccess_ST Security Class
Provides access to manage the Job Queue database and related objects, such as ProcessFlow and the AGS execution framework. Also gives inquiry access to security objects in each data area.
Grants unconditional access to the following objects in the data area:
-
async module
-
bi module
-
la module
-
AsyncWebApp web application
-
PersonalWatchMaintenance web application
-
AsyncActionMisfire business class
-
AsyncActionRequest business class
-
AsyncActionTrigger business class
-
AsyncActionType business class
-
AsyncQueueDefinition business class
-
AsyncQueueMapping business class
-
BatchTask business class
-
BatchTaskStep business class
-
ConfigurationParameter business class
-
EffectiveDatedGroup business class
-
EffectiveDatedEntry business class
-
EMailMessageAttachment business class
-
EMailMessageContent business class
-
EMailMessageQueue business class
-
LawsonClassicMessage business class
-
LawsonClassicMessageGroup business class
-
LawsonClassicMessageVariable business class
-
LawsonClassicMessageReference business class
-
LawsonClassicMessagefield business class
-
M3Message business class
-
M3MessageGroup business class
-
M3MessageVariable business class
-
ProcessFlowFolder business class
-
ProcessFlowQueue business class
-
ProcessFlowVariable business class
-
ProcessFlowExecutor business task
-
ReportDocument business class
-
SpellingDictionary business class
-
UserNotificaton business class
-
EnpPersonalObject key field
Grants inquiry only access to the following objects in the data area:
-
person module
-
Actor business class
-
ActorContext business class
-
Agent business class
-
ParentAgent business class
DataAreaAuthorAdminAccess_ST Security Class
Grants unconditional access to the following security objects in each data area:
-
repository module
-
person module
-
ActorContext business class
Grants inquiry only access to the following object:
-
SecurityClass business class
DatabaseEnvironmentAdminDbAccess_ST Security Class
Grants unconditional access to the database utilities available through the Infor Landmark Administration Console.
Specifically, it grants access to the following: objects:
-
AdministratorConsole web application
-
admincon module
-
DbCount business task
-
DbExport business task
-
DbImport business task
-
DbUpdateLobs business task
-
DbVerify business task
-
DETExport business task
-
DETImport business task
-
SpellDictMaint business task
-
SpellDictMaintDeletebusiness task
DatabaseEnvironmentBasicDbAccess_ST Security Class
Grants unconditional access to a subset of the database utilities available through the Infor Landmark Administration Console.
Specifically, it grants access to the following: objects:
-
AdministratorConsole web application
-
admincon module
-
DbCount business task
-
DbVerify business task
-
SpellDictMaint business task
DataImportAccess_ST Security Class
Grants unconditional access as required to invoke data import from the Infor Rich Client or the Web User Interface, in each data area:
-
la module
-
DataImport business class
DataMenuAccess_ST
Provides access to the Data Menu widget in the Infor Rich Client.
EnterpriseAllAccess_ST Security Class
Provides access to enterprise objects.
Grants unconditional access to the following objects:
-
enterprise module
-
EnterpriseCompany business class
-
EnterpriseGroup business class
EnterpriseInquiryAccess_ST Security Class
Provides inquiry only access to enterprise objects.
Grants unconditional access to the following object:
-
enterprise module
Grants inquiry only access to the following objects:
-
EnterpriseGroup business class
-
EnterpriseCompany business class
FutureDataIndicatorAccess_ST Security Class
Grants unconditional access to the future data indicator in the GEN data area.
GlobalUIConfigAccess_ST Security Class
Provides special access rights to enable a user to make their UI configuration changes available to all users.
Grants unconditional access to the all global UI configuration action for the GEN data area (note that this access right is not included in the all actions right for the GEN data area).
InbasketAdministrator_ST Security Class
Provides access for administrators for Inbasket functions.
Grants unconditional access to the following objects:
-
pfi module
-
Lpa web application
-
PfiDocument business class
-
PfiFilterKey business class
-
PfiMetrics business class
-
PfiMetricsSummary business class
-
PfiMessage business class
-
PfiQueue business class
-
PfiQueueTask business class
-
PfiRouting business class
-
PfiTask business class
-
PfiTransactionRequest business class
-
PfiUserCategory business class
-
PfiUserTask business class
-
PfiWorkunit business class
-
PfiWorkunitFolder business class
-
PfiWorkunitVariable business class
Grants inquiry only access to the following objects:
-
PfiActivity business class
-
PfiErrorMessage business class
-
PfiUserProfile business class
InbasketUser_ST Security Class
Provides access for users for Inbasket functions.
Grants unconditional access to the following objects:
-
pfi module
-
Lpa web application
-
NotificationsTablet web application
-
NotificationsSmartPhone web application
-
QueueTask business class
Grants inquiry only access to the following objects:
-
PfiActivity business class
-
PfiErrorMessage business class
-
PfiMetrics business class
-
PfiQueue business class
-
PfiQueueAssignment business class
-
PfiRouting business class
-
PfiServiceDefinition business class
-
PfiTask business class
-
PfiUserTask business class
Grants inquiry and create access to the following objects in the data area:
-
PfiMessage business class
-
PfiTransactionRequest business class
-
PfiWorkunitFolder business class
-
PfiWorkunit business class
-
PfiWorkunitVariable business class
Grants access to the following business class when the actor equals the actor in the PfiUserProfile record:
-
PfiUserProfile business class
Also, for the PfiUserProfile business class, access is granted to all fields except the NotifyOption field.
IRCInstallSpecAccess_ST Security Class
Grants the access needed to modify the Infor Rich Client installation specifications and to update the Infor Rich Client trusted certificate in the Infor Landmark Administration Console.
JobQueueAccess_ST Security Class
Provides access to manage the Job Queue database and related objects, such as ProcessFlow and the AGS execution framework.
Grants unconditional access to the following security objects in the GEN product line:
-
async module
-
la module
-
AsyncWebApp web application
-
AsyncActionMisfire business class
-
AsyncActionRequest business class
-
AsyncActionTrigger business class
-
AsyncActionType business class
-
AsyncQueueDefinition business class
-
AsyncQueueMapping business class
-
BatchTask business class
-
BatchTaskStep business class
-
EMailMessageAttachment business class
-
EMailMessageContent business class
-
EMailMessageQueue business class
-
EnpPersonalObject business class
-
LawsonClassicMessage business class
-
LawsonClassicMessageGroup business class
-
LawsonClassicMessageVariable business class
-
LawsonClassicMessageReference business class
-
LawsonClassicMessageField business class
-
M3Message business class
-
M3MessageGroup business class
-
M3MessageVariable business class
-
ProcessFlowFolder business class
-
ProcessFlowQueue business class
-
ProcessFlowVariable business class
-
ReportDocument business class
-
UserNotification business class
-
ClassicTransactionExecutor business task
-
EMailExecutor business task
-
M3TransactionExecutor business task
-
ProcessFlowExecutor business task
LimitedFormPersonalization_ST Security Class
Provides access for users to personalize forms.
LimitedListPersonalization_ST Security Class
Provides access for users to personalize lists.
MobileAdministrationWebAppAccess_ST Security Class
Grants access to mobile-enabled administrator functions.
Grants unconditional access to the following objects:
-
AsyncSmartPhone web application
-
AsyncTablet web application
-
LpaAdminSmartPhone web application
-
LpaAdminTablet web application
-
PhoneSecurityAdministrator web application
-
TabletSecurityAdministrator web application
PersonalizationAccess_ST Security Class
Provides access for users to personalize some UI components in the Infor Rich Client.
ProcessAutomationProxy_ST Security Class
Grants access to Infor Process Automation for proxies when the actor matches the user profile from Infor Process Automation.
ProcessAutomationReporting_ST Security Class
Provides access to Infor Process Automation reporting.
Grants unconditional access to the following objects:
-
pfi module
-
PfiTaskReport business class
-
PfiProcessReport business class
Grants unconditional access to GenerateTaskRepotData in the following:
-
PfiQueueTask business class
Grants inquiry only access plus access to GenerateTaskReportData and GenerateProcessReportData in the following:
-
PfiWorkunit key field
ProcessDesigner_ST Security Class
Provides access for users of the Infor Process Designer.
Grants unconditional access to the following objects:
-
pfi module
-
LpaAdmin web application
-
PfiDocument business class
-
PfiFlowDefinition business class
-
PfiFlowVersion business class
Grants inquiry only access to the following objects:
-
PfiClassicConnection business class
-
PfiCloverleafConnection business class
-
PfiConfiguration business class
-
PfiConfigurationProperty business class
-
PfiCustomConnection business class
-
PfiEventHubConnection business class
-
PfiFrontOfficeConnection business class
-
PfiFTPConnection business class
-
PfiJDBCConnection business class
-
PfiLandmarkConnection business class
-
PfiM3Connection business class
-
PfiMQConnection business class
-
PfiServiceDefinition business class
-
PfiServiceVariable business class
-
PfiSystemCommandConnection business class
-
PfiTask business class
-
PfiUserProfile business class
-
PfiUserTask business class
-
PfiWebRunConnection business class
-
PfiWorkunit business class
-
PfiWorkunitVariable business class
-
PfiXRefCode business class
-
PfiXRefValue business class
ProcessSchedulingAllAccess_ST Security Class
Provides access for administrators who work with scheduling for Process Server.
Grants unconditional access to the following objects:
-
pfi module
-
PfiTrigger business class
-
PfiTriggerFolder business class
-
PfiTriggerVariable business class
Grants inquiry only access to the following objects:
-
PfiFlowDefinition business class
-
PfiServiceDefinition business class
Grants access for creates to the following objects:
-
PfiMessage business class
-
PfiServiceFlowDefinition business class
-
PfiWorkunit business class
-
PfiWorkunitFolder business class
-
PfiWorkunitVariable business class
ProcessServerAllAccess_ST Security Class
Provides access for administrators who work with Process Server.
Grants unconditional access to the following objects:
-
la module
-
pfi module
-
Lpa web application
-
LpaAdmin web application
-
PfiTranslation business class
-
PfiXRefCode business class
-
PfiXRefValue business class
-
ProcessFlowFolder business class
-
ProcessFlowQueue business class
-
ProcessFlowVariable business class
-
UserNotification business class
-
ProcessFlowExecutor business task
-
PfiBciApiInfo key field
-
PfiChannel key field
-
PfiClassicApplication key field
-
PfiConfiguration key field
-
PfiDocument key field
-
PfiEventServer key field
-
PfiFilterKey key field
-
PfiFlowDefinition key field
-
PfiForm key field
-
PfiServiceDefinition key field
-
PfiTask key field
-
PfiTransactionRequest key field
-
PfiTransactionRequestState key field
-
PfiTrigger key field
-
PfiUserProfile key field
-
PfiWorkunit key field
-
PfiWorkunitState key field
Grants inquiry only access to the following objects:
-
person module
-
Actor business class
ProcessServerReadAccess_ST Security Class
Provides access for administrators who need read access to Process Server.
Grants unconditional access to the following objects:
-
pfi module
-
la module
-
LpaAdmin web application
-
JobQueueService executable
Grants inquiry only access to the following objects:
-
PfiBciApiInfo key field
-
PfiChannel key field
-
PfiClassicApplication key field
-
PfiConfiguration key field
-
PfiDocument key field
-
PfiEventServer key field
-
PfiFilterKey key field
-
PfiFlowDefinition key field
-
PfiForm key field
-
PfiServiceDefinition key field
-
PfiTask key field
-
PfiTranslation business class
-
PfiTransactionRequest key field
-
PfiTransactionRequestState key field
-
PfiTrigger key field
-
PfiUserProfile key field
-
PfiWorkunit key field
-
PfiWorkunitState key field
-
PfiXRefCode business class
-
PfiXRefValue business class
ProcessServerUserAdmin_ST Security Class
Provides access for administrators of Process Server users.
Grants unconditional access to the following objects:
-
pfi module
-
LpaAdmin web application
-
PfiFilterKey business class
-
PfiTask business class
-
PfiUserCategory business class
-
PfiUserPreference business class
-
PfiUserProfile business class
-
PfiUserTask business class
ProductLineAccess_ST Security Class
Provides access to the data area for the product line in which
it is generated. Always generated by the buildprod
process for each product line.
ProductLineAuditAccess_ST Security Class
Provides access to audit logs for the product line in which
it is generated. Always generated by the buildprod
process for each product line.
ProductLineBasicAccess_ST Security Class
Provides basic access to the data area for the product line in which
it is generated. Always generated by the buildprod
process for each product line.
ProductLineHistoryCorrection_ST Security Class
Provides access to the history (audit log) correction functionality for the product line in which
it is generated. Always generated by the buildprod
process for each product line.
ProxyAccess_ST Security Class
Provides access to the proxy management functions.
Grants unconditional access to the following objects:
-
la module
-
person module
-
security module
-
ProxyManagement web application
-
Actor business class
-
ActorContext business class
-
ActorProxy business class
-
ActorRole business class
-
ContextProperty business class
-
Proxy business class
-
ProxyRole business class
-
RoamingUIProfile business class
-
Role business class
-
SecurityCacheTimestamps business class
ProxyAdminAccess_ST Security Class
Provides access to administrators so that they can create user proxies for any users.
Grants unconditional access to the following objects:
-
person module
-
security module
-
ProxyManagement web application
-
AdminProxyDefiniition menu item in the ProxyManagementMenu menu
-
ActorProxy business class
-
SecurityCacheTimestamps business class
-
Proxy key field
Grants inquire access to the following object:
-
Actor business class
-
ActorRole business class
All fields except the Actor and PersonName fields in the following object are not accessible for all actions unconditionally:
-
Actor business class
Blocks access to the following:
-
ProxyDefiniition menu item in the ProxyManagementMenu menu
ProxyGrantorAccess_ST Security Class
Provides access needed for a users to create a proxies that apply only to the roles assigned to them.
Grants unconditional access to the following objects:
-
person module
-
security module
-
repository module
-
ProxyManagement web application
-
SecurityCacheTimestamps business class
Grants unconditional access to the following object when the actor is the actor (grantor) in the Proxy record:
-
Proxy key field
Grants unconditional access to the following object when the actor is the grantor for the proxy and is not the actor to whom the proxy was granted:
-
ActorProxy business class
Grants inquire access to the Actor, CustomActorFields, and PersonName fields, and unconditional access to the ContactInfo.EmailAddress field in the following object:
-
Actor business class
Grants inquire access to the following object when the actor is the actor in the ActorRole record:
-
ActorRole business class
Grants unconditional access to the following object when the actor is the actor in the Actor record or the object is a folder:
-
UserList business class
Blocks access to the following:
-
AdminProxyDefinition menu item in the ProxyManagementMenu menu
ProxyInquireAccess_ST Security Class
Provides access needed for a grantee to view proxies granted to them.
Grants unconditional access to the following object:
-
security module
Grants inquiry only access to the following objects:
-
Proxy business class
-
ActorProxy business class (if the actor is the actor the proxy was granted to)
PublicUserFolderAccess_ST Security Class
Grants unconditional access to the following objects:
-
la module
-
UserFolder business class (when the Actor field is blank)
-
UserFolderItem business class (when the UserFolder Actor field is blank)
RoamingUIProfileAccess_ST Security Class
Grants unconditional access to the following objects:
-
la module
-
RoamingUIProfile business class (when the actor matches the RoamingUIProfile actor value)
ScheduledActionsAccess_ST Security Class
Grants conditional access in the GEN data area for all scheduled actions.
SecurityConfigAccess_ST Security Class
Provides access to the Configuration Console in order to make changes related to security.
SpellingDictionaryAccess_ST Security Class
Provides access to spelling dictionary tables and tasks.
Grants unconditional access to the following objects:
-
la module
For the following object, grants inquiry access for all actions, and unconditional all-action access in special conditions.
-
SpellingDictionary business class
UserAttributeForDataAreaAccess_ST Security Class
Provides access for user administrators who need access to a basic set of user attributes.
Grants unconditional access to the following objects in the GEN product line:
-
la module
-
person module
-
repository module
-
MessageProcessor business task
-
Actor business class
-
ActorContext business class
-
Agent business class
-
ContextProperty business class
-
ParentAgent business class
Grants inquiry only access to the following objects in the data area:
-
DataArea business class
-
KeyField business class
UserFolderAllAccess_ST Security Class
Grants unconditional access to the following objects:
-
la module
-
UserFolder business class
-
UserFolderItem business class