Skip to main content

 

 

Coupa Success Portal

Field Groups Permissions

The existing object level System Permissions model includes the ability to control the display and to edit the standard fields and User Defined Fields (UDFs) organized into UDF groups on grids, object pages, and widgets based on the user’s access rights within the application.

Enhancements include the following features for all New User Interface (UI) users:

  • A new permissions section, Field Groups, has been added to the Admin tab > User Management and Security Section > Systems Permissions functionality that controls the display and ability to edit UDFs and standard fields in the following locations:
    • Grids (based on Display in Grid setting [under the Admin tab > Configuration Data Management section > Data Dictionary Management – Fields link)
    • Object pages
    • Widgets
  • Field Group level permissions govern the user’s access to UDF groups that are displayed on objects/associations/User Defined Objects (UDOs).
    • Users who do not have permission to view an object/association/UDO cannot be provisioned permission to view or edit fields in UDF groups on that object.
    • When a user is denied access to a UDF group, the group is hidden on the page.
  • Field Group level permissions can be set for the following:
    • Global Permissions: Settings for the entire application
    • User Permissions: Settings for the internal (client) individual
    • Supplier User Permissions: Settings for the external (supplier) individual
    • Group Permissions: Settings for user groups
  • Field Group level permissions are supported for all objects that support UDFs.
    • Widgets, grids, and standard object pages honor Field Group level permissions.
    • Complex Information Management (IM) components on programs will continue to display all groups regardless of security permissions.
  • Administrator users have view rights to UDF groups even when access is denied.
  • Field Group access defaults to Grant View and Grant Edit.
    • View granted (No Edit capabilities):
      • UDF groups display based on tab order (via the Admin tab > Configuration Data Management section > Data Dictionary Management – Fields link).
      • User can view the UDF group and all fields contained in it but cannot edit them.
    • View denied:
      • Group (and fields contained within) is hidden on the page/widget when the user is denied access to the UDF group.
    • Edit granted:
      • User can view and edit the UDF group and all fields contained within it.
    • Edit denied:
      • User can view the UDF group and all fields contained in it but cannot edit them.
      • User can save the page when a required field is empty and included in the UDF group (and Edit rights are denied); field(s) is only required if the user has edit permissions.
    • Create:
      • Not applicable, as UDF groups are created via the Admin tab > Configuration Data Management > Setup Data Management link.
  • ‘Internal Only’ and ‘Admin Only’ configuration options on the fields are still honored when the user has access to the UDF group.
  • ‘Save As’ permissions include the Field Group permissions.

The solution assumes VIEW ALL for reporting. Reporting does not honor UDF Group level permissions.

  • UDF group names will continue to be managed under the Admin tab > Configuration Data Management section > Setup Data Management link > Select Type dropdown list – UDFGroupNames.
  • The ability to provision permissions at the UDF group level provides an additional level of granularity to the existing permissions model. The object level permission model remains unchanged.
  • Like existing permissions, UDF Group permissions will be change logged and available to reporting.
  • Was this article helpful?