This sample role is for employees who have to create a new access control context (ACC) subhierarchy. It allows the creation of subordinate contexts in an access control context. You can use this role to decentralize the maintenance of the access control context hierarchy.
Caution
This role should be used as a demo role with demo users only. A demo role must not be used in a production system in case it contains wildcards “*” (asterisks) for parameters, which might grant too many authorizations to users. After copying this role to a production system, each authorization parameter containing an asterisk must be thoroughly checked before use.
Object Type |
Activity |
Description and Comment |
Corresponding Activity in Database Table TACT |
---|---|---|---|
Access Control Context |
Create |
Creating subordinate context The General Data, Hierarchy, Roles/Users views are visible, but the Objects view is not. |
01 (Create or generate) |
Display |
Displaying context The following views are visible: General Data, Hierarchy and Objects. (Only objects and contexts that the user has authorization for.) Any user assigned through a context role to a certain context implicitly gets the Display activity granted for this context. |
03 (Display) |