Creatio administration
This documentation is valid for Creatio version 7.14.0. We recommend using the newest version of Creatio documentation.

System operation reference

System operations to which you can manage access are described below.

User and role administration

System operation name and code

Description

Manage user list
CanManageUsers

Permissions to add, modify and delete user accounts in the [Users and administration] section.

Manage user licenses
CanManageLicUsers

Access to the license manager. The users that have permission to manage licenses can log into bpm’online and redistribute the licenses even if bpm’online has been locked due to exceeding the number of distributed licenses.

Change delegated permissions
CanChangeAdminUnitGrantedRight

The ability to delegate the access rights of some users to others using the [Delegate access permissions] detail on the user page.

Managing portal users

System operation name and code

Description

Manage portal users
CanAdministratePortalUsers

Permissions to add, modify and delete portal user accounts in the [Users and administration] section.

Access to portal main page setup module
CanManagePortalMainPage

Permission to set up the portal main page.

General access

General access operations refer to all records in all objects. General access is usually provided to system administrators.

Attention

Access to these operations overrides object permissions (object operations, records and columns). For example, if a user has access to the [View any data] operation, this user will be able to view records of all objects, even those in which the read operation is restricted.

System operation name and code

Description

View any data
CanSelectEverything

Permission to view any data in any object.

Add any data
CanInsertEverything

Permission to add records to any object.

Edit any data
CanUpdateEverything

Permissions to edit any data in any object.

Delete any data
CanDeleteEverything

Permission to delete any records in any object.

Columns and system operations

System operation name and code

Description

Change system operations permissions
CanChangeAdminOperationGrantee

Ability to manage access permissions to system operations. The scope of rights granted by this operation includes the right to register additional system operations.

Access to special sections

System operation name and code

Description

Access to "Access rights" workspace
CanManageAdministration

Access to the [Object permissions] and [Operation permissions] sections. Access to specific administering operations is granted separately.

Access to "Process design" section
CanManageProcessDesign

Access to the [Process design] section, and ability to add and modify business processes.

Access to "Change log" section
CanManageChangeLog

Access to the [Change log] section.

Access to "System settings" section
CanManageSysSettings

Access to the [System settings] section.

Access to “Lookups” section
CanManageLookups

Access to the [Lookups] section.

Access to “Configuration” section
CanManageSolution

Access to the [Configuration] section (System Designer -> Advanced Settings).

View “Audit log” section
CanViewSysOperationAudit

Access to view the contents of the [Audit log] section.

Manage "Audit log" section
CanManageSysOperationAudit

Permission to view the contents of the “System operations audit log” section and to archive the log.

Access to duplicates search 

System operation name and code

Description

Duplicates search
CanSearchDuplicates

Permission to search for duplicates in sections with active duplicate search rules.

Duplicates processing
CanMergeDuplicates

Permission to merge duplicate records on the duplicate search results page. Additionally, permission to merge records manually in all accessible sections and lookups.

Access to "Duplicates rules setup”
CanManageDuplicatesRules

Permission to add and edit duplicate search rules.

Access to integration settings

System operation name and code

Description

Access to message exchange services
CanUseMsgService

Permission to configure phone integration.

General actions

System operation name and code

Description

Email providers list setup
CanManageMailServers

Permission to create a list of email servers used to send and receive emails.

Shared mailbox synchronization setup
CanManageSharedMailboxes

Permission to manage shared mailboxes (mailboxes with the [Allow shared access] checkbox enabled).

Change access rights to record
CanChangeEntitySchemaRecordRight

Enables the users to share records in sections with other users. The [Use operation permissions] checkbox must be selected in the corresponding section object.

Ignore access check by IP address
SuppressIPRestriction

When a user who has access to this operation logs in to the system, the IP address restrictions will be ignored.

Export list records
CanExportGrid

Permission to export list data in a *.xlsx file. If a user does not have permission for this operation, the [Export to Excel] action in sections and the “List” dashboard tile menu is disabled.

Permission to run business processes.
CanRunBusinessProcesses

Permission to run business processes in bpm’online. All users have permission to perform this operation by default.

Cancel running processes
CanCancelProcess

Permission to cancel a running business process in the process log.

Access to workplace setup
CanManageWorkplaceSettings

Permission to create and set up workplaces, i.e., managing the section list available in the side panel.

Access to comments
CanEditOrDeleteComment

Permission to edit and delete comments on the feed messages.

Permission to delete messages and comments
CanDeleteAllMessageComment

Permission to delete messages and comments left by other users in the [Feed] section, on the [Feed] tab of the Notification Panel, and on the [Feed] tab of the view and edit pages of system sections. Users can edit and delete their own messages and comments even if they do not have access permissions to this system operation.

See also

Granting access permissions to system operations

 

Did you find this information useful?

How can we improve it?