Secured Entity Types - Data Stewardship

An entity type is a category of items to which you want to grant or deny access. Approval flow types used to define approval flows are included here. The following permissions control access to Data Stewardship entity types.

Exceptions and approval flow types

Entity types control access to modify, delete, manage, and review exceptions in Data Stewardship. Approval flow types use execute permissions to allow types to be used to define approval flows. Approval flow types are created on the Spectrum Management Console Data Stewardship Settings page and listed in the table by name.

Provides access to the Data Quality page to review exception trend data. A user who does not have View permissions will not be able to see the Data Quality page. For the Exception type, this setting provides access to view Exception records in an Approval flow.
Provides access to the Manage page and all users exceptions on the Dashboard and Editor pages. A user who does not have Modify permissions will not have access to the Manage page or other users exceptions. For the Exception type, this allows a user to edit Exception records.
Note: Modify permissions also controls access to users in the Read Exception stage. A user who does not have modify permission will not be able to read other users' exceptions from Data Stewardship.
Provides access to the Purge section on the Manage page that allows a user to delete exceptions.
Note: A user must also have Modify permissions to access the Manage page.
Check this box to use approval flow types to create approval flows. See Approval Flows.

In addition to creating secured entity types, you can also use Access Control to create security entity overrides that specify exception record restrictions for specific dataflows or specific stages. These overrides supersede user-based and role-based security entity type settings to make permissions more restrictive.

For example, if user JohnSmith has Modify permissions based on the secured entity type, but there are specific exceptions for a dataflow that his manager does not want anyone to alter, his manager can define an access control setting that restricts John Smith from modifying exceptions for that particular dataflow. He is still able to modify other dataflows, but not the one for which there is the more restrictive access control setting.