Securing Applications against Unauthorized Users Module Recap
Core concepts:
- Scoped applications can be secured at the application, application menu, and module levels
- Groups are a set of users with a common purpose
- Assign roles and users to groups
- Groups and user records are not part of an application
- Access Controls grant access to records and record fields
- Create
- Read
- Update
- Delete
- Debug Access Controls with the Debug Security Rules module
- Impersonate users to test security
- Access Control roles are evaluated first, then conditions, then scripts
- Roles, conditions, and scripts must all return true for an Access Control to grant access
- Do not attempt to protect sensitive data with client-side scripted security
