Choice list security

The personalize_choices security role can be used to let non-administrators modify the options for Choice elements on all tables.

If more granular control is desired, you can also create a custom ACL (security rule) governing the personalize_choices operation either for a particular field or for all fields (.*) on a particular table. However, access to the personalize_choices operation on a particular field does not confer the ability to add new choices for that field. To be able to create new choices for a particular field, two ACLs are required:
  • An ACL that grants personalize_choices access for that field.
  • An ACL that grants create access to the Choice table (sys_choice).
For example, to give the hris_admin role the ability to personalize only the Category field for Human Resources KB articles, you need:
  • An ACL granting personalize_choices access to the hris_admin role on the Category field of the Knowledge (kb_knowledge) table.
  • An ACL granting create access to the hris_admin role on the Choice (sys_choice) table.
There are predefined ACLs granting both types of access to the personalize_choices security role, for all fields on all tables. The personalize_choices security role also has read, write, and delete access to the sys_choices table. However, this additional access is not required when making just the Personalize Choices functionality available on a granular basis.