Your data is a valuable commodity and controlling who can see and update it is very important. In some cases, we may want data to be public. In other cases, we may want only a certain team of users to have access to it. Apex Designer lets you control access at the Business Objects level by setting up access rules.
To adjust the access rules click the Access Controls icon buttonto open the Access Control dialog:
The columns are:
- Exposed indicates whether the operation is exposed as a REST API
- Everyone indicates that anyone can access the operation even if they are not logged in
- Logged In indicates that only users that are authenticated can access the operation
- The remaining columns are teams in the app
The example above is summarized as:
- All operations are exposed as REST APIs
- Users that are not logged in cannot access anything
- Users that are logged in can read information but not do Rank by Capacity
- Supplier users can read and update information but not do Rank by Capacity or Inactivate
- Purchasing users can do everything
Noticed that the "Exposed" checkboxes for the behaviors (Rank By Capacity and Inactivate) are disabled. That is because you set that value on the behavior itself and it cannot be changed here.