The update is performed in three steps if administrator roles are separated:
Creating an update (in the developer repository).
Updating by information security administrator (in cloned customer repository).
Updating by application administrator (in cloned customer repository).
The update file that contains data about updated objects and their access permissions will be created, opened or installed by each of the administrators with a different set of available elements.
The information security administrator can work with:
Access permissions to repository objects and to special objects.
The application administrator can work with:
Repository objects (new for the customer database and already existing in it).
There are also differences in creating, opening, saving and installing update, on searching for an update element.
In accordance with user privileges object update options are not fully available. Parameter values inappropriate to privileges are not displayed. If a parameter contains values that do not correspond to privileges, it is displayed as read-only in the current value.
The information security administrator can also install updates containing update unit without the ability to view unit contents.
See also:
Questions and Answers | How Is Update Performed If Various Access Control Methods Are Used?