Product access security is used to restrict users' ability to read, create, modify, or approve cases that are based on that product. User security profiles are defined by a hierarchy of security elements called security identifiers (SIDs). These SIDs are the building blocks of application security.
Products can be associated with specific SIDs. In order for a user to access a particular product, that user's security profile must contain the SID that is associated with that product. For instance, if a product is associated with a particular SID, then a user cannot access a case based on that product unless that SID is contained in the user's security profile. Note that if no SID is entered for a product, then all users have access to that product. However, if at least one SID is entered for a product, then users without that SID in their profile will not have access to that product.
The following list describes the rights that can be secured for each product:
- Approve
- Any user whose security role contains an approve SID has the security privileges to approve (or reject), read, and maintain cases based on this product.
- Create
- Any user whose security role contains a create SID has the security privileges to create and read case information for cases based on this product.
- Maintain
- Any user whose security role contains a maintain SID has the security privileges to maintain and read case information for cases based on this product. Maintain rights for product security includes rights to manage case evidence, manage case certification, and check case eligibility.
- Read
- Any user whose security role contains a read SID has the security privileges to read case information for cases based on this product. For product security, a user with read rights can view case details. Note that any users with maintain, create, and/or approve rights can also read case details. Thus, when setting up product based security, the read rights are there to be assigned to users who can only view case details.