What Are Role Overrides?
Overrides are useful when you need to modify the security rules in minor ways and do not want to create additional security classes and roles. If you find yourself making the same override for several users or for several roles, then you should create new roles or security classes.
You use overrides when you need to modify the rules of a security class in one of the following situations:
Override Type | Description |
---|---|
Role Override | Use this when you need the rules modified for when the security class belongs to a specific role. This override then affects all users who have the role. It does not affect the rules for the security class when that class belongs to other roles. |
Security Class Override | Use this when you create a security class that inherits from another security class, and you want to modify one or more of the rules that the new security class inherits. The modified version of the rule will apply in whatever roles the new security class is assigned to. |
Role Override Example
Assume you define roles for various types of managers, such as the human resources manager, the payroll manager, and the accounts payable manager. To this role you assign a security class, called EmployeeInfo that grants access to employee information if the employee is the manager or is an employee that the manager supervises. However, assume that you want the human resources manager to have access to all employee information. One option, of course, would be to create a new security class that granted the wider access and assign that to the human resources manager role. Another way would be to override the EmployeeInfo class through a role override. Then, anyone with the human resources manager role would have the wider access to employee information.
Security Class Override
You can also override a security class by creating security classes with inheritance.
For more information, see the section "Security Class Inheritance".