Application-Level Data Restrictions

Created On
byadmin
You are here:

Access to certain features can be disabled for individual applications using Application-Level Data Restrictions. This option can be found under the Basic Application Options in the Edit Application () menu.

When Application-Level Data Restrictions is enabled, a new set of options will appear underneath. These options determine access to certain features in the Data tab.

If it is enabled, then users that can access the data screen for this application will only be allowed to see the features that are allowed by this configuration and allowed by their security rights.

–       If a user can normally Edit records based on their user role but application-level data restrictions are enabled and Edit is disabled from application-level securities, then that user will not be able to edit the record.

–       If a user cannot normally Edit records based on their user role but application-level data restrictions are enabled and Edit is enabled from the application-level securities, then that user will still not be able to edit the record.

–       If a user can normally Edit records based on their user role and application-level data restrictions are enabled and Edit is enabled from application-level security, then that user will be able to edit the record.

–       If application-level data restrictions are not enabled for the application, then user role dictates if the user can access the feature.

Under Custom Roles, there are two security roles associated with this feature:

Modify Application-Level Data Restrictions determines if the user can see this section on the edit applications page for applications that they can edit.

Supersede Application-Level Data Restrictions is a way to disregard these application-level data restrictions for certain users. For example, SystemAdmin will supersede these restrictions, meaning that regardless of what the application-level data restrictions allow, they will be able to access whatever they normally access.

If user disables edit from application-level data restrictions, the SiteAdmin will still be able to see all of these options. SystemAdmin, who cannot normally access any data, will not be able to see them because he does not have access to the data page, even though he exceeds these rules. If he had access, he would be able to see them as well.