Leaf Permissions (Master Data Services)
Leaf permissions apply to the attribute values for all leaf members of an entity.
For entities without explicit hierarchies enabled, assigning permission to Leaf is the same as assigning permission to the entity.
Notes:
Leaf permissions apply to the Explorer functional area of the user interface only.
Permissions assigned to Name and Code attributes are not enforced.
Permission |
Description |
|---|---|
Read-only |
Leaf members are displayed but the user cannot add, remove, or change them. If consolidated members exist, the names and codes are displayed but the user cannot add, remove, or change them. |
Update |
Leaf members are displayed and the user can add, remove, and change them. If consolidated members exist, the names and codes are displayed but the user cannot add, remove, or change them. |
Deny |
Leaf members for the entity are not displayed. |
Attribute Permissions
Attribute permissions apply to the attribute’s values for the specific entity. Users with attribute permissions only cannot add or remove members.
Permission |
Description |
|---|---|
Read-only |
The attribute is displayed but the user cannot change attribute values. |
Update |
The attribute is displayed and the user can change attribute values. |
Deny |
The attribute is not displayed. Note You cannot explicitly deny access to Name and Code attributes. |
Example
For the Product entity, assign Update permission to Subcategory attribute. Deny permission to all other attributes.
Name |
Code |
Subcategory (Update) |
|---|---|---|
Mountain-100 |
BK-M101 |
{5} Mountain Bikes |
Mountain-100 |
BK-M201 |
{5} Mountain Bikes |
In Explorer, you can update any attribute value in the Subcategory column. If you do not have permission to an attribute, the attribute is not displayed.
Note
In this example, Subcategory is a domain-based attribute, based on the SubcategoryList entity. You can select a different subcategory for Mountain-100 but you cannot add members to or delete members from the SubcategoryList entity.
See Also
Tasks
Assign Model Object Permissions (Master Data Services)
Concepts
Consolidated Permissions (Master Data Services)
Model Object Permissions (Master Data Services)