Data access rules on search results in business applications
When users with custom user roles search for records in your business application, the search results are based on the data access rules that you configure for the custom user roles.
Consider the following guidelines when you configure data access rules:
•Multiple data access rules might impact the performance of search requests, so use an optimal number of data access rules with an optimal number of conditions.
•After you edit data access rules, users with custom user roles need to wait for at least ten minutes before they search for records in the business applications. If the users search for records immediately after the changes, the search results might be incorrect.
The data access rules impact the search results in the following ways:
•If you configure data access rules, the users can load and view up to 1000 matching records on the search results page. Without data access rules, users can load and view up to 10,000 matching records on the search results page.
•If you configure data access rules, the search results doesn't display the total number of records retrieved by the search request. The search results display the number of records that appears on the current page and this number varies when the user clicks load more.
•If data access rules deny access to Facetable fields for custom user roles, the user can't view these fields in the Filters panel of the search results page.
Data access rules with conditions on related business entity and relationship attributes
Effective in the February 2023 release, the option to create conditions for the following assets and attributes is available for preview:
•Relationships associated with the protected business entity.
•Attributes of the relationship associated with the protected business entity.
•Attributes of a business entity related to a protected business entity through a business entity record field.
•Attributes of a business entity related to a protected business entity through a relationship.
Preview functionality is supported for evaluation purposes but is unwarranted and is not supported in production environments or any environment that you plan to push to production. Informatica intends to include the preview functionality in an upcoming release for production use, but might choose not to in accordance with changing market or technical circumstances. For more information, contact Informatica Global Customer Support.
If you configure conditions with the preceding assets and attributes in data access rules, the search process retrieve the results in the following sequence:
•The search request applies the conditions for business entity attributes or attributes of the business entity related to protected the business entity through the business entity record field and retrieves the records.
•The search request then applies the conditions for relationships, relationship attributes, and related business entity attributes through relationships in the set of matching records retrieved in the preceding step and displays the results.
Records with validation errors
The data access rules that you configure for custom user roles impact records with validation errors listed on the search results page.
The data access rules might restrict access to fields with errors. When users search for records in business applications, they can view records with status as validation errors but can't view the fields with errors due to restricted access.
Note: The privileges that you assign in the user role details page might restrict users from viewing and updating fields with errors.
When users search for records in business applications, the Filters panel on the search results page lists the errors and types of errors along with the number of records retrieved. The number of records for each error and type of error includes records for which user access is restricted on selected attributes. The user can access the record details page but cannot view the fields with errors.
To enable users to view and fix the errors, perform the following steps:
•Edit the data access rules to allow access to fields with errors.
•Assign read and update privileges for fields with errors on the user role details page.
For more information about assigning record privileges, see Managing privileges for custom user roles.
Note: Effective in the May 2023 release, the ability to create and update records that have validation errors is available for preview. You can also preview the validation error types, Errors and Others. The system considers the existing records as valid until you update the records. Preview functionality is supported for evaluation purposes but is unwarranted and is not supported in production environments or any environment that you plan to push to production. Informatica intends to include the preview functionality in an upcoming release for production use, but might choose not to in accordance with changing market or technical circumstances. For more information, contact Informatica Global Customer Support.