System operations to which you can manage access are described below.
User and role administration
System operation name and code | Description |
---|---|
Manage user list | Permissions to add, modify and delete user accounts in the [Users and administration] section. |
Manage user licenses | Access to the license manager. The users that have permission to manage licenses can log into bpm’online and redistribute the licenses even if bpm’online has been locked due to exceeding the number of distributed licenses. |
Change delegated permissions | The ability to delegate the access rights of some users to others using the [Delegate access permissions] detail on the user page. |
Managing portal users
System operation name and code | Description |
---|---|
Manage portal users | Permissions to add, modify and delete portal user accounts in the [Users and administration] section. |
Access to portal main page setup module | Permission to set up the portal main page. |
General access operations refer to all records in all objects. General access is usually provided to system administrators.
Attention
Access to these operations overrides object permissions (object operations, records and columns). For example, if a user has access to the [View any data] operation, this user will be able to view records of all objects, even those in which the read operation is restricted.
System operation name and code | Description |
---|---|
View any data | Permission to view any data in any object. |
Add any data | Permission to add records to any object. |
Edit any data | Permissions to edit any data in any object. |
Delete any data | Permission to delete any records in any object. |
Columns and system operations
System operation name and code | Description |
---|---|
Change system operations permissions | Ability to manage access permissions to system operations. The scope of rights granted by this operation includes the right to register additional system operations. |
Access to special sections
System operation name and code | Description |
---|---|
Access to "Access rights" workspace | Access to the [Object permissions] and [Operation permissions] sections. Access to specific administering operations is granted separately. |
Access to "Process design" section | Access to the [Process design] section, and ability to add and modify business processes. |
Access to "Change log" section | Access to the [Change log] section. |
Access to "System settings" section | Access to the [System settings] section. |
Access to “Lookups” section | Access to the [Lookups] section. |
Access to “Configuration” section | Access to the [Configuration] section (System Designer -> Advanced Settings). |
View “Audit log” section | Access to view the contents of the [Audit log] section. |
Manage "Audit log" section | Permission to view the contents of the “System operations audit log” section and to archive the log. |
Access to duplicates search
System operation name and code | Description |
---|---|
Duplicates search | Permission to search for duplicates in sections with active duplicate search rules. |
Duplicates processing | Permission to merge duplicate records on the duplicate search results page. Additionally, permission to merge records manually in all accessible sections and lookups. |
Access to "Duplicates rules setup” | Permission to add and edit duplicate search rules. |
Access to integration settings
System operation name and code | Description |
---|---|
Access to message exchange services | Permission to configure phone integration. |
General actions
System operation name and code | Description |
---|---|
Email providers list setup | Permission to create a list of email servers used to send and receive emails. |
Shared mailbox synchronization setup | Permission to manage shared mailboxes (mailboxes with the [Allow shared access] checkbox enabled). |
Change access rights to record | Enables the users to share records in sections with other users. The [Use operation permissions] checkbox must be selected in the corresponding section object. |
Ignore access check by IP address | When a user who has access to this operation logs in to the system, the IP address restrictions will be ignored. |
Export list records | Permission to export list data in a *.xlsx file. If a user does not have permission for this operation, the [Export to Excel] action in sections and the “List” dashboard tile menu is disabled. |
Permission to run business processes. | Permission to run business processes in bpm’online. All users have permission to perform this operation by default. |
Cancel running processes | Permission to cancel a running business process in the process log. |
Access to workplace setup | Permission to create and set up workplaces, i.e., managing the section list available in the side panel. |
Access to comments | Permission to edit and delete comments on the feed messages. |
Permission to delete messages and comments | Permission to delete messages and comments left by other users in the [Feed] section, on the [Feed] tab of the Notification Panel, and on the [Feed] tab of the view and edit pages of system sections. Users can edit and delete their own messages and comments even if they do not have access permissions to this system operation. |
See also
•Granting access permissions to system operations