PROTECT Action

UDP ›› Actions ››
Parent Previous Next

PROTECT Action

The PROTECT action protects a business object or business object group or their attributes from access by all or specified users. When a business object or its attribute is protected it is not possible for the user to modify the object or attribute in any way - if an attribute of a business object is protected it is read-only on the form of this business object. If the entire object is protected all its attributes are read-only on the form (see Conditional Access). The examples of the PROTECT action are shown below:

   

1.  If Transaction.State='APPLIED' Then PROTECT Transaction FROM ALL  

2.  If Transaction.State='APPLIED' Then PROTECT Transaction FROM ALL EXCEPT Administrator  

3.  If Account.State='CLOSED' Then PROTECT Account.Name FROM User AND Operator  

   

The action in the first example protects the Transaction object from access by all users.

   

The action in the second example protects the Transaction object from access by all users except those operating at the “Administrator” access level.

   

The action in the third example protects the Name attribute of the Account object from users operating at the “User” and “Operator” access levels.

   

  NOTE: By default protection applies not only to changes done via the user interface, but also to changes done by a process.  It is possible to distinguish between these two situations by specifying System as the access level, for example:

   

If Account.STATE <> 'NEW' THEN PROTECT Account.Balance FROM ALL EXCEPT System  

   

In this case users will not be able to change the account balance when the state of the account is not new, however, it is possible to configure the process rules that change the account balance. 

   

  NOTE: Protecting attributes of referred objects is not allowed, for example the action PROTECT Transaction.Account.State FROM ALL is invalid.

   

  NOTE: The PROTECT action can only be used in rules attached to a business object to be protected. The action may not be used in processes.

   

  NOTE: The action specified in the format described above protects against changes to a business object or its attribute (“write protection”). If “read protection” is required, READ prefix should be added in front of the action. When a business object is “read protected” instances that match the protection condition will not be read from the system. For example,

   

If Transaction.State='APPLIED' Then READ PROTECT Transaction FROM ALL  

   

If an attribute is “read protected” it is not visible on any form of the business object and its value cannot be changed.