Conditional "By Type" Rules
You can assign access to all securable objects of a particular type. This is a powerful way to quickly open up the system for power users and administrators.
The containment policy for Security Type rules require that users have access to the product lines and system codes in order to get access to the group of the Securable Type objects. For example, if you chose to write a Grant All Access rule to the Securable Type TABLES, but did not grant the user access to product lines and system codes in the profile, the user would still not be able to access any tables.
Lawson Security now provides the ability to write conditional rules on securable types.
This means that you can give a user access to all tables, for example, while still ensuring that the user would not have access to particular tables that they should not see. You would do this by granting access to tables but then specifying the system codes the user could or could not see.
Following is a simple example of a conditional rule on a securable type.
Example 1: Simple conditional rule for the securable type TABLE
Suppose you want to write a rule that allowed power users access to all tables in the IF system code. You would grant access to the Securable Type "TABLE" and then write a conditional rule that restricts the user to IF.
