Record ACL rules

Record ACL rules consist of table and field names.

  • Table name: the table being secured. If other tables extend from this table, then the table is considered a parent table. ACL rules for parent tables apply to any table that extends the parent table.
  • Field name: the field being secured. Some fields are part of multiple tables because of table extension. ACL rules for fields in a parent table apply to any table that extends the parent table.

ACL rules can secure the following record operations:

Table 1. Record operations
Operation Description
execute Allows users to run an application or script.
create Allows users to insert new records (rows) into a table.
read Allows users to display records from a table.
write Allows users to update records in a table.
delete Allows users to remove records from a table or drop a table.
edit_task_relations Allows users to extend the Task table.
edit_ci_relations Allows users to extend the Configuration Item [cmdb_ci] table.
save_as_template Allows users to save a record as a template.
add_to_list Allows users to insert records (rows) into a table from a list.
list_edit Allows users to update records (rows) from a list.
report_on Allows users to create reports on tables. This operation is not valid for field ACL rules.
personalize_choices Allows users to configure the table or field.