Assigning permissions to access objects and requests

As an AR system administrator, assign permissions to different users, groups and roles to control and manage access to the data in AR System.

Access control is the AR System mechanism that controls which users can open and perform an action in an application, form, or guide in a browser, and the users who can view, create, modify, and delete a request. You can configure AR System to run with limited access privileges and access to a limited set of resources on the host machine. This configuration prevents malicious scripts or programs from being installed on the machine.

For information about role-based access, see Roles-and-permissions.

Related topics

Access-control-overview

Setting-up-users-access-and-preferences

To define access control

  1. Identify and create the groups and roles for deployable applications that reflect key functions in your company and the type of information each function must access. See, Creating-and-managing-access-control-groups.
  2. Create users on your AR System server and assign their respective groups to them. See, Creating-and-modifying-users.

Group membership determines which objects a user can access and which operations a user can perform. AR System has the following various levels of security:

  • Server—Controls access to the AR System server. A user must be defined on a server or connect to it as a guest user if the server permits them.
  • Application, form, and workflow—Controls access to AR System objects. A user must belong to a group that has permission to access an application, form, active link, or active link guide to see it and use it.
  • Request (or row)—Controls access to individual requests on a form. A user can have permission to view or change only those requests the user created or those created by a member of a group to which the user belongs.
  • Field (or column)—Controls whether a user can view or change a field in a form.

A user can view or change a request but cannot view or change individual fields unless the user also belongs to a group with the required field-level permission.

The following figure shows an overview of access control and lists the questions that you can use to determine user access to AR System:
221_AccessControlOverview.png

The following sections provide information about assigning permissions and controlling access to data and objects in AR System:

Action

Reference

Learn about user and group access, group structures, and group permissions.

Define the permissions for AR System objects such as applications, forms, fields, active links, active link guides, packing lists, and web services.

Understand the different methods to assign or modify permissions that are available in Developer Studio.

Restrict and control access to different users by using groups and fields. 

Enable submitters to modify the requests that they have created.

Enforce restrictions for viewing and uploading attachments to requests to ensure security.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*