How Is Update Performed If Various Access Control Methods Are Used?

The update is performed in three steps if different access control methods are used:

  1. Creating an update (in the developer repository).

  2. Executing the update by the user with the Read and Write Permissions for All Objects privilege (in cloned customer repository).

  3. Performing the update by the user with the Change User Permissions, Distribute Roles, Edit Policy and the Changing Security Label and Access Control List of Any Object. Viewing All Objects in the Navigator privileges (in cloned customer repository).

The table contains privileges required to create, change, search and install various update elements:

Update elements Discretionary access control method Mandatory access control method
Elements are available for users included in the Administrators built-in group.

Elements are available for users included in the Administrators built-in group if the users have mandatory access to change each update element.

Elements are available for the user with the Change User Permissions, Distribute Roles, Edit Policy and the Changing Security Label and Access Control List of Any Object. Viewing All Objects in the Navigator privileges.

Elements are available for any user with access to a corresponding operation with an update file.

See also:

Questions and Answers | How Is Update Performed If Administrator Roles Are Separated?