These are used when creating access rules on an entity.
Path to owner is used when you want to create an access rule that is specific to the user who created an object.
Path to user is used when you want to create an access rule for a user that is associated to an entity in some way. For instance, if you want the manager of a department to have different access rules than other users, you could use Path to User to create an access rule that identifies managers via one or more associations.
Owner
The Owner button adds an XPath constraint so the access rule is only applied if the object owner is the current user.
[System.owner='[%CurrentUser%]']
This constraint is only valid when the Store ‘owner’ checkbox in the System members section of the entity properties is checked.
Path to User
The Path to user… button adds an XPath constraint so the access rule is only applied when the User object which is associated (directly or indirectly) is the current user. When you click Path to user…, you can select a path to an associated entity that is either a System.User
or a specialization of System.User
. This is then converted into an XPath constraint for the access rule.
[Module.Order_Customer = '[%CurrentUser%]']
As an example:
Because of this XPath constraint, access defined in the Access rights tab is only applied to orders for which the customer is the current user.
The owner of (an instance of) an object is the user that has created that instance. The ‘path to owner’ is therefore the path that leads to the specific user that created that object.
The ‘path to user’ leads to a specific user or group of users (e.g. users with a specific user role) that may or may not be associated with that particular (instance of the) object. It basically says 'this user or group of users has access to this object and can do stuff with it.
An object can have multiple users authorized to access it, but always has only one owner.