3 Replies Latest reply: Jul 1, 2015 11:19 AM by Jeffrey Goldberg RSS

    Master Items Permission Rule

    Donish Nasim



      I am trying to find a way to write a rule that would only allow Root Admins the ability to Create New Master Items. I want my normal users to be able to use these master items, but not create any.


      How do I reference the master item in the Advanced security rules?

        • Re: Master Items Permission Rule
          Kris Markee

          Great question, and I wish I had the answer.  It appears that if you are giving users the ability to create new apps, they also get the ability to create master items, but I too have not found a way to disable that without disabling the ability to create apps.

          • Re: Master Items Permission Rule
            Michael Tarallo

            Hello Donish,


            That is a good question. Kris is correct, ContentAdmin roles for example and other non-roles  can create new apps in their My Work stream  - they can as you have seen can create Master Items too. Let me see if my colleague jog can provide any input?  - Jeff?



            Mike T


              • Re: Master Items Permission Rule
                Jeffrey Goldberg

                By default, a user of a published app does not have access to create, update, or delete master items if they are not a content admin.


                That said, on unpublished applications the owner is able to create master items for their apps before they have been published.


                If you want root admins to have the ability to do the same as content admins, check out the rule named ContentAdmin.  You can modify it by changing the Condition from ContentAdmin to RootAdmin.  However, I recommend disabling the built in rule and creating your own version that mirrors it.


                If you want to disable app creation, take a look at this video on Security rules.  SenseSecurityRules.mp4 - Google Drive