Product Documentation
Abstract
• Explain field level security • Describe how field level security works • Understand the components of a field level security rule • List field level security rule restrictions • Define field level security rule access controls • Explain how to create a field level security rule
Content
• Field level security allows you to control access to individual fields within an object. • It can be applied only to object instances to which a user already has access through a combination of role-based security and record level security. • If no field level security is defined for an object, security is applied at the object level. • When you define a field level security rule, you must consider all the scenarios that are required to access the field. • If any scenarios are not defined, a user's access to the field is denied. ▪ This is known as redaction. • Security rules are applied to all OpenPages system components, including Reporting, Workflow, FastMap, Triggers, Reporting Periods, and all available views.
How it works:
• One security rule might specify that if a user is not an Owner, they have Read access only to a field. If a user is an Owner, they have Read and Update access. • When the outcome of the formula is true, then Read access or Read and Update access is granted to a user. • When the outcome of the formula is false, the field is redacted. • The way that access is restricted depends upon whether the outcome of a formula is true or false when it is applied to a field. • True ▪ The field is available to users as Read Only or Read and Update. • False ▪ The field is redacted. ▪ Users can see the field label, but not its value. Instead, the value is redacted, and the user sees some text, such as “Confidential” in place of the field value.
Restrictions:
• System fields are not supported. ▪ The system fields are “Name”, “Description”, “Location”, “Creation Date”, “Created By”, “Last Modification Date”, “Last Modified By”, and “Comment”. • Computed fields are not supported. • If more than one rule applies to a field, the rules are combined by using an OR condition. • If more than one rule is defined for the same field, and one grants Read access to the field, and another grants Read and Update access, then a user is granted Read and Update access if the outcome of each rule is true.
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFUEU","label":"IBM OpenPages with Watson"},"Component":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
30 May 2019
UID
ibm10885676