It controls user access to those only data which are necessary for him to
perform certain actions in a business application. An access rights’ structure
is defined by an applied solution. A developer can visually define sets of
permissions corresponding to users’ positions or their kind of activity. For
example, there may be such sets of permissions (Roles),
as ‘Chief accountant’, ‘Warehouse manager', ‘Manager’, ‘Head of department’,
etc. Several Roles can be assigned to one user.
Basic and Interactive Access
Rights
All access rights supported by 1C:Enterprise 8 framework can be split into
two big groups: basic and interactive.
Basic access rights are checked always, regardless on the way to access data. While interactive access rights are checked only at performing standard
interactive operations.
All basic access rights in client-server operation mode are performed at the
server side.
Row-level Security
This functionality is implemented by means of 1C:Enterprise 8 system – access
restriction on the level of records and fields ('row-level security'), when
certain form’s fields can be read only or hidden at all from a specified user
(or a user with a specified role).
Data access restriction is implemented using a special condition described in
the query language.
Data access rights condition
description
This condition is checked for every database record that an operation is
performed with.
The condition can be created manually, or using a wizard which is actually
simple version of the query wizard.
Next
Back