Module 5 Flashcards
What 4 places can access be restricted in service now?
-Application menu
-Modules
-Records
-Fields
If a user has access to the ________ module, they can see all tables including those for which they cannot see records.
System definition> table module
Users can type ________ into the type filter text field in the application navigator to attempt to open the list of records for any table
<table_name>.list
</table_name>
<table_name>.list usually allows a user to open a list of records for that particular table but depending on the users permissions what 2 things can happen?
</table_name>
-The list may not display all the records (number of rows removed from this list by security restraints message)
-The list page is not rendered (security restraints prevent access to request page message)
How do you control access to application menus or modules?
Through roles
Users without an application menu’s role cannot see the menu in the application navigator, users with the role can see what?
The menu
Where do you set an application menus or a modules permissions?
In studio , edit roles
This role allows users without access to the application menu to access a module for which they are authorized
The override application menu roles
Access controls can only be created or edited in studio if the user has elevated to which role?
security_admin
If you have the elevated security_admin role but can’t edit or create access controls, what do you do?
Save any application file to update studio’s permissions
How many access control rules can be created automatically when adding tables to an application
Four
Access to records and fields is denied by default?
True
The wild card access control rule (.) for the create operation reuses the same permissions as which operation, unless you do what?
Write ; unless you define an explicit create operation ACL rule
Where do you go to see all access controls evaluated on for a record?
On a list select configure> security roles
Configure the application form or list’s security rules to edit the access controls that apply to the record and to avoid what?
Inadvertently editing non-applicable access controls
When access controls are created what is automatically populated?
The description field
This access control rule applies to a tables records; must have to view a table’s list or form.
table.none
This access control rule applies to every field on a record where there is no field specific ACL?
table.*
This access control rule applies to only one field on a record
table.field
What happens if access is denied to a row?
No field level rules can grant access
If access to a row is allowed but the field is denied what happens?
The field is not visible
If access to a row is allowed and access to a field is allowed, what happens?
The field is visible
A field specific ACL excludes all other roles from access to that field (t/f)
True
table.* ACL gives access to all fields for a table that don’t have a field-specific rule, and excludes users with all other roles (t/f)
True
To easily exclude fields, what ACL should you use?
Table.*
To easily include fields, do not use which ACL?
table.*
A user must pass both _______ and ______ ACL rules to access a record object
Table and field
Access control rules are usually processed how?
From most specific to most general
Record ACL rules are processed in what order?
- Match object against table ACL rules (specific to general)
- Match the object to field ACL rules (specific to general)
What happens if a user fails a table access control rule but the pass a field control rule?
The user is still denied access to all fields in the table
If a user passes a table ACL but fails a field ACL rule, what happens?
The user can access the table but not the field described by the field ACL rule
Are there system created access control rules?
Yes