Introduction to Roles and Permissions
Enterprise applications typically involve collaboration among multiple users. Depending on their responsibilities, users require different levels of access to view, edit, delete, and manage application data.
In HAP, Roles & Permissions let you control what users can see and what actions they can perform within an application. An app administrator first configures permissions for each role, then assigns users to the appropriate roles. Once users are added to a role, they automatically inherit the permissions configured for that role.

How Permissions Work
HAP uses a role-based access control (RBAC) model. Permissions are configured at the role level and then assigned to users through roles.
The configuration process is as follows:
- Create a new app role or select an existing one.
- Configure the role's access to app items, record scope, operation permissions, and field-level permissions.
- Assign users to the appropriate role.
- Users automatically inherit the permissions associated with that role.
This approach eliminates the need to configure permissions for individual users, making permission management easier to maintain and update.
Common Permission Scenarios
With roles and permissions, you can implement common access control requirements such as:
- Control app item visibility: When an application contains multiple worksheets, users can be restricted to viewing only designated worksheets.
- Control view visibility: When a worksheet contains multiple views, users can be allowed to access only designated views.
- Control record visibility: Users can be limited to viewing only records they created, own, have joined, or otherwise meet the configured criteria.
- Control record operation scope: Users can view all records but edit or delete only records related to them.
- Control field visibility: Hide specific fields from users when they view a record.
- Control field editing: Allow users to edit only designated fields while keeping other fields read-only.
- Control fields available during record creation: Restrict which fields users can populate when creating a new record.
- Control feature permissions: Prevent users from performing actions such as sharing, printing, importing, exporting, or bulk operations.
Was this document helpful?