Permissions
Permissions control who can see, edit, create, or delete data in the system. They ensure sensitive information is protected and that users only access data relevant to their roles.
Permissions exist at two levels:
- Entity Permissions - Control access to entire entities (tables)
- Field Permissions - Control access to specific fields (columns) within an entity
1. Entity Permissions
Entity permissions define which operations a user can perform on an entity.
| Operation | Description |
|---|---|
| Read | User can view records of the entity |
| Create | User can add new records |
| Update | User can modify existing records |
| Delete | User can delete records (or soft-delete, depending on system configuration) |
Notes
- Permissions are role-based
- Each entity can have different permissions per user profile
- Entity permissions are stored in the system table
_EntityPermission
2. Field Permissions
Field permissions define access control at the field (column) level.
| Permission | Description |
|---|---|
| Read | User can see the field |
| Edit | User can modify the field |
| Create | User can create records through the field (e.g. lookup arrays with Allow create enabled) |
Notes
- Field permissions inherit entity permissions
(If a user cannot read an entity, they cannot read any of its fields) - Permissions can differ per user role
- Field permissions allow exposing only relevant information in forms and views
- Field permissions are stored in the system table
_FieldPermission