Support > Repository > Authentication/Authorization > Item-level update authority (updatable or browse only)
ja | en

You can set items that can only be updated by users with specific authority. Make the item read-only for unauthorized users.

Here, we show an example of setting updating authority for three items of "customer's model" "e-mail" "zip code" "address".

Figure 1 Model definition
item Update permission
Customer ID -
Name -
Name -
E-mail p_mail
company name -
Postal code p_adr
Street address p_adr

Open the "Function Privileges" tab in the "Privileges" tab.The operation authority for this model is set. In the standard, there is a principal "general user" with basic authority.(Figure 2)

Figure 2 Function authority

Prepare a new principal.(Figure 3)

Figure 3 Adding a principal

We prepare the principal "personal information".(Figure 4)

Fig. 4 Creating principal "personal information"

Add new permissions to add to the "personal information" principal.(FIG. 5, FIG. 6)

Fig. 5 Creating principal "personal information"
Fig. 6 Permission addition

Prepare the permission "mail" (English name p_mail) for controlling browsing of e-mail items.(FIG. 7)
We manage it with "personal information" principal.

Fig. 7 Creating permission "mail"

Prepare permission "address" (English name p_adr) for controlling postal code and address item browsing control.(FIG. 8)
We manage it with "personal information" principal.

Figure 8 Creating Permission "Address"

Open the detailed definition of the e-mail item."P_mail" is set to "update authority" in the details tab.
In this way, you need a principal with p_mail permission to view this item.

Figure 9 Setting update authority p_mail

Likewise, open the detailed definition of postal code and address item.Set "Update authority" in the details tab to "p_adr".
As a result, in order to view this item you need a principal with p_adr permission.

Figure 10 Setting update authority p_adr

After setting, build, run the application.

Delete permissions

>> Delete permissionsPlease read.

The following tests can not be tried with the trial kit.This is to add account processing.Please use development kit.

First, log on as a system administrator.Select "Account list display" from the management processing menu.(FIG. 11)

Fig. 11 Account list display

Register new account.

Fig. 12 Account new registration screen

Create an account "user" (general user).
Select "Common processing" "Change password" "General user" for the principal.

Figure 13 Creating an account for general users

Create another account "manager" (customer data administrator).
"Common processing" "Change password" "General user" to the principal"personal information"Choose.

You can select multiple principals.At this time I have the role of "general user" and "personal information".
Figure 14 Creating customer management data administration account

After creating these two test accounts, log off the system administrator.

Log on as customer data administrator. We will process the customer's new registration."E-mail" "Postal code" "Address" items can be entered.

Figure 15 Operation with customer data administrator

Then log on as a general user. Items of "E-mail", "Postal code", "Address"It is displayed but can not be entered.The label character color is blue.This means that input is restricted by authorization.

Figure 16 Update screen with general user (Label letters of input restriction items are shown in blue)
Please do not use system administrator in the operation test of authority management.(The system administrator is set to have all authority.)

screen

On the registration/update screen, only display is available and can not be changed.In the list display and detailed display screen, the color of the label changes (to indicate that updating is impossible), but the contents are displayed.Since it is not reflected on the search screen, search is possible.

CSV/Excel download

If you do not have permission, you can not update it.

Fixed value

Fixed valueThe value is always updated even for the operation by the user who has no authority.

initial value

Even with operations by unauthorized usersinitial valueIs set.