By default, each new group or role has no privileges. This means that the system administrator must specify which privileges are actually available to each new group and role so that they can access only the parts of the system that are relevant to them, and so that they can perform only the actions that are relevant to them.
You can set access at four levels: the module level (for example, Request Management), the business object level (for example, Assignment) and the action level (for example, Complete) and attribute level (for example, Salary).
When you make a level unavailable, then all child items (if any) are removed from view. You cannot set privileges for an unavailable business object.
When you make a module or business object available that was marked as unavailable, the change of status is not transferred to the child items. You must then set the status individually for the child items.
When you make a business object available, then you can assign the following privileges for all of the actions associated with it:
You cannot modify the privileges for the Analyst | Administrator role. Also, only the SA user can modify the privileges in the Human Resources module.
Apply Row to All – applies the state for each of the Execute, Read, Update (and Delete where applicable) privileges in the selected row to each row on the page. This means that every privilege on the page will be the same as the selected item. For example, all set to .
The Apply to Column and Apply Row to All options are available only when there is more than one privileged item on the current page.
Copyright © 2019, Ivanti. All rights reserved.