admin
can read, update, and delete any form data. You might have admins who should get this permission company-wide. But you might also want to restict that permissions to form data created by users in certain parts of the company; for instance, a given user might be "admin for the Engineering organization", and she should only have the aformentioned permissions on form data created by users who are either directly in the Engineering organization, or any of its children organizations. This is particularly relevant for roles that are inherently tied to an organization, like "manager", where you're likely to want to say that the permissions you grant to a manager are limited to the data created by the people they manage.admin
for the "HR" organization.properties-local.xml
the necessary properties so Orbeon Forms knows how to extract the user's information from the headers set by the Liferay proxy portlet.properties-local.xml
the following property, so form authors can assign rights to user designated as Organization Owner in Liferay:Support
and iOS
organizations, along with their ancestors in the organizational structure, are stored in the database:iOS
organization, which is under the Engineering
organization, of which John is a manager.orbeon_organization
table. Each organization has a unique id
and is represented in orbeon_organization
by as many rows as the depth of the organization. For instance, the iOS
could be stored with id 123
as follows:iOS
organization didn't already exist, the first time Linda saves data, the above rows will be created. However no id will be generated for the parent organizations; this will only happen when, say, John, the manager of the Engineering
organization saves data, at which point rows for the Engineering
organization will be created, for instance as follows:Support
is renamed Customer satisfaction
, then data in the database needs to be changed.Support
isn't under Engineering
but under Operations
, then information in the database needs to be changed.