The update process is performed in three steps, if different access control methods are used:
Creating an update (in the developer repository).
Executing the update by the user with the Read and Write Permissions for All Objects privilege (in cloned customer repository).
Executing the update by the user with the Change User Permissions, Distribute Roles, Edit Policy and the Changing Security Label And Access Control List of Any Object. Browsing all objects in the navigator privileges (in cloned customer repository).
The table contains user permissions required to create, edit, search and update various elements:
| Update elements | Discretionary access control method | Mandatory access control method |
| Elements are available for users included in the Administrators built-in group. | Elements are available for users included in the Administrators built-in group if the users have mandatory access to change each update element. |
|
Elements are available for a user with the Change User Permissions, Distribute Roles, Edit Policy and the Changing Security Label and Access Control List of any Object. Browse All Objects in the Navigator privileges. |
||
Comments, SQL commands, folders and data about object deletion |
Elements are available for any user with access to a corresponding operation with an update file. | |
See also:
Questions and Answers | How Update Process is Performed If Administrator Roles Are Separated?