Question

What is Path to User and Path to Owner and why do we use it and what is diff between them ? Can anyone please explain me this in their own words in detail please?

0

\Hi Experts, I was going through the learning path for configuring advanced security. I came across 2 terms which are path to user and path to expert. Can any one please explain to me what is Path to User and Path to Owner(screenshot attached below) and why we use it and what is the diff between them? Please find the screenshot of document i am going through

asked 2023-01-23

Harsh Bhanushali

3 answers

Mike Kumpf · Answer 1 · 2023-01-23

These are used when creating access rules on an entity.

Path to owner is used when you want to create an access rule that is specific to the user who created an object.

Path to user is used when you want to create an access rule for a user that is associated to an entity in some way. For instance, if you want the manager of a department to have different access rules than other users, you could use Path to User to create an access rule that identifies managers via one or more associations.

Mohamedbeemubeen N · Answer 2 · 2023-05-31

Owner

The Owner button adds an XPath constraint so the access rule is only applied if the object owner is the current user.

[System.owner='[%CurrentUser%]']

This constraint is only valid when the Store ‘owner’ checkbox in the System members section of the entity properties is checked.

Path to User

The Path to user… button adds an XPath constraint so the access rule is only applied when the User object which is associated (directly or indirectly) is the current user. When you click Path to user…, you can select a path to an associated entity that is either a System.User or a specialization of System.User. This is then converted into an XPath constraint for the access rule.

[Module.Order_Customer = '[%CurrentUser%]']

As an example:

Assume that the Customer entity is a specialization of the User entity. The Order entity is associated with the Customer entity via the Order_Customer association.
Assume that a logged-in customer is only allowed to view their orders, but is not allowed to view the orders of other customers. The XPath constraint can be constructed easily using the Path to user… button by selecting the Customer entity in the Order entity access rule.

Because of this XPath constraint, access defined in the Access rights tab is only applied to orders for which the customer is the current user.

Bart Zantingh · Answer 3 · 2023-01-24

The owner of (an instance of) an object is the user that has created that instance. The ‘path to owner’ is therefore the path that leads to the specific user that created that object.

The ‘path to user’ leads to a specific user or group of users (e.g. users with a specific user role) that may or may not be associated with that particular (instance of the) object. It basically says 'this user or group of users has access to this object and can do stuff with it.

An object can have multiple users authorized to access it, but always has only one owner.