admincan read, update, and delete any form data. You might have admins who should get this permission company-wide. But you might also want to restict that permissions to form data created by users in certain parts of the company; for instance, a given user might be "admin for the Engineering organization", and she should only have the aformentioned permissions on form data created by users who are either directly in the Engineering organization, or any of its children organizations. This is particularly relevant for roles that are inherently tied to an organization, like "manager", where you're likely to want to say that the permissions you grant to a manager are limited to the data created by the people they manage.
adminfor the "HR" organization.
properties-local.xmlthe following property, so form authors can assign rights to user designated as Organization Owner in Liferay:
iOSorganizations, along with their ancestors in the organizational structure, are stored in the database:
iOSorganization, which is under the
Engineeringorganization, of which John is a manager.
orbeon_organizationtable. Each organization has a unique
idand is represented in
orbeon_organizationby as many rows as the depth of the organization. For instance, the
iOScould be stored with id
iOSorganization didn't already exist, the first time Linda saves data, the above rows will be created. However no id will be generated for the parent organizations; this will only happen when, say, John, the manager of the
Engineeringorganization saves data, at which point rows for the
Engineeringorganization will be created, for instance as follows:
Customer satisfaction, then data in the database needs to be changed.
Operations, then information in the database needs to be changed.