Access

Question 1

What permissions are given when the “Allow configuration” Application Access option is selected on a table?

Answer 1

Out of scope apps can create application files for tables:

• Business Rules
• Client Scripts
• New Fields (dictionary entries)
• UI Actions

Question 2

What does the ACL table.None give permission to?

Answer 2

Entire table (needed to set more specific rules)

Question 3

What does the ACL table.field give permission to?

Answer 3

Specific fields

Question 4

What does the ACL table.* give permission to?

Answer 4

Field level
- all fields but those who have their own rule (table.field)

Question 5

How must Application Access be configured to prevent all other private application scopes from creating configuration records on an application’s data tables?

Answer 5

Set the ‘Accessible from’ field value to ‘This application scope only’

Question 6

What access needs to be given for out-of-scope applications to be able to create Business Rules?

Answer 6

When
1. Accessible from is’ All application scopes’
2. ‘Can read’ is selected

Question 7

What access needs to be given for out-of-scope applications to be able to create UI Actions?

Answer 7

When
1. Accessible from is ‘All application scopes’
2. ‘Can read’ is selected
3. ‘Allow configuration’ are selected

Question 8

What access needs to be given for out-of-scope applications to be able to create fields?

Answer 8

When
1. Accessible from is ‘All application scopes’
2. ‘Can read’ is selected
3. ‘Allow configuration’ are selected

Question 9

Which roles grant access to source control repository operations such as importing applications from source control, or linking an application to source control?

Answer 9

• admin
• source_control

Question 10

What modules enables security rule debugging?

Answer 10

System Security > Debugging > Debug Security Rules

Question 11

What is the baseline access rules of a table in a privately-scoped application?

Answer 11

1. Accessible from is ‘All application scopes’
2. ‘Can read’ is selected

• All app scopes can read from the table

Question 12

What can you never do when working with global application files?

Answer 12

Move application files into or out of a scoped applciation

Question 13

Which Application Access configuration field(s) are NOT available if the Can read configuration field is NOT selected?

Answer 13

Can create
Can update
Can delete

Question 14

Protection policies are not applied when installed via update sets (TRUE/FALSE)

Answer 14

True

Question 15

Assume an application scope, sn_my_app, exists. Scripts from other application scopes can never delete records from tables in the sn_my_app scope (TRUE/FALSE)?

Answer 15

False

Question 16

What function(s) is used to check the logged in users role in a BR?

Answer 16

gs.hasRole()

Question 17

What function(s) is used to check the logged in users role in a client script?

Answer 17

g_form.hasRole()
- returns true if the current user has the specified role or the admin role

g_form.hasRoleExactly()
- determines whether the current user has the specified role