OneData 10.7 | Managing Master Data with webMethods OneData | webMethods OneData User’s Guide | OneData Users | OneData Object Security | Security Options
 
Security Options
Conceptual objects must be defined to use one of three possible security implementations to define the level of user privileges to assign to objects within a hierarchy. Object security in OneData can be implemented to be inherited from the root-level (top-level) object or evaluative, in which the most conservative security setting is applied to child-level objects.
OneData provides the following object security options:
*Conservative: Evaluative security. OneData compares the privileges of the child entity with the privileges of the conceptual (root-level) object and applies the most conservative security to the child object. This security option overrides entity-level privileges if the root-level security is more conservative that of the child entity.
*Entity Based: Non-evaluative security. OneData applies the security privileges as they are assigned to each object. For example, if the user-privileges in the conceptual object are read-only and edit in the child object, OneData implements the security as assigned to the entity, allowing the user to edit the child object and view the conceptual object.
*Root Based: Inheritance and override security. OneData applies the security assigned to the root-level object to the child object, overriding the entity-based child-level security. For example, if a user has edit privileges for the root-level object and read only privileges for the child-level object, the user will have edit permissions for both objects. Similarly, if the user has read-only privileges on the root-level object and edit privileges for the child object, OneData overrides the edit privileges for the child object and grants the user only view privileges for both objects.
The following table provides an example of how OneData implements user-level privileges when the conceptual object is assigned conservative or root-based security.
User-Level Privileges
Override User-Level Privileges
Top-Level Object
Child Object
Conservative Security
Root-Based Security
Insert
View
View
Insert
View
Insert
View
View
Insert
Edit
Edit
Insert
Edit
Insert
Edit
Edit
Edit
View
View
Edit
View
Edit
View
View
Edit
Edit some columns
Edit some columns
Edit All
Edit some columns
Edit
Edit some columns
Edit limited
Delete
No Delete
No Delete
Delete
No Delete
Delete
No Delete
No Delete
Note:
Security is unrelated to the conceptual object view as parent-child, advanced parent-child, or tree view.