Securing Applications

Question 1

What is used to manage script access to resources from other applications?

Answer 1

Runtime Access Tracking
(this is known as cross-scope access)

Question 2

What are the three settings available to Runtime Access Tracking

What is the default setting

Answer 2

None: No authorization required for application scripts to access resources from other applications as long as the other applications allow it. No record is created in the Application Cross-Scope Access table.

Tracking: Allows application scripts to access resources from other applications. A record for the access is automatically inserted in the Application Cross-Scope Access table with a Status value of Allowed. This is the default setting.

Enforcing: Allows application scripts to access resources from other applications only after an admin authorizes the access. A record is automatically added to the Application Cross-Scope Access table with a Status value of Requested.

Question 3

Cross-scope privileges can be granted for what? (3 options)

Answer 3

Cross-scope privileges can be granted for:

Table: Read, write, create, and delete records
Script Include: Execute API
Scriptable (script objects): Execute API

Question 4

What does the “Restrict Table Choices” checkbox do?

Answer 4

When selected, the Restrict Table Choices application setting limits application file configuration to only tables from the current application.

(not selected by default)

Question 5

At what level is application access set?

Answer 5

Table level

Allows developers to do the following:

Grant read, create, update, and delete privileges

Grant access to the table through web services

Allow application files from other application scopes to add new fields to the table

Permit other application scopes to create application files for the table:
Business Rules
Client Scripts
New Fields
UI Actions

Question 6

What do the Can read, Can create, Can update, and Can delete application access options do?

Answer 6

The Can read, Can create, Can update, and Can delete Application Access options grant scripts from other application scopes the ability to perform database operations against the table records.

Question 7

What does the allow access to this table via web services option do?

Answer 7

The Allow access to this table via web services option determines whether users can make inbound web services requests to the table. The user requesting the access must be authorized to access the records. If the user making the request is not authorized, the web services request will not return records even if web services are enabled for the table.

Question 8

What does the allow configuration checkbox do?

Answer 8

The Allow Configuration option allows out-of-scope applications to create application files for tables:

Business Rules
Client Scripts
New Fields (dictionary entries)
UI Actions

Question 9

What has to be true for out of scope applications to create fields on a scoped application’s table?

Answer 9

When Accessible from is All application scopes and Can read and Allow configuration are selected, out-of-scope applications can create fields for the table.