Configuring Access Sets by Editing XML

The XML in user access sets can be configured via the XML editor in the Configuration Administrator (for deployed applications) or directly in the userAccess.xml file on the file system (for non-deployed applications).

User access sets are specified in the userAccess.xml file using the <PrivilegeAccessSet/> element, as follows:

<PrivilegeAccessSets>
<PrivilegeAccessSet name="Loan processors">
     <privileges>
       <privilege name="LoanReviewers"/>
        <privilege name="LoanApprovers"/>
     </privileges>
     <access name="EventView">
        <access name="NewView">
            <access name="CustomView"/>
        </access>
        <access name="EditView"/>
        <access name="RemoveView"/>
        <access name="BaseFilter"/>
        <access name="CreateSystemView"/>
        <access name="AuthorSystemView"/>
        <access name="EventViewer"/>
            <access name="SaveView">
            <access name="SaveViewAs"/>
            <access name="CorrelatedEvents"/>
            <access name="EventAttributes"/>
               .
               .
               .

This example user access set specifies two privileges: LoanReviewers and LoanApprovers. This means that any user who has one of these privileges is given access to all of the functions listed in the <access/> elements in this user access set. Note that one of these privileges could also be listed in another user access set in the userAccess.xml file; users with that privilege would be given access permissions granted by the other user access set also.

Access authority can be removed from a user access set by either removing or commenting out the <access/> elements for the desired functions.

Note: Note that removing or commenting out an <access/> element does not deny the user access to the function; it just does not grant it through this user access set. The user may gain access to the function through another user access set that lists a privilege the user possesses.

If a user has access authority to a particular function in the application, the appropriate buttons and/or menu selections for that function are accessible to the user; if the user does not have access authority to a particular function, the buttons and/or menu selections for that function are not displayed in the application.