Permissions
  • 30 Apr 2024
  • 1 Minute to read
  • Dark
    Light

Permissions

  • Dark
    Light

Article summary

Zilliant CPQ divides permissions into two types:

  • Static—Loaded when a user signs in to the system. Static permissions are applied with each REST call the user makes.

    Static permissions are defined at the role level.

  • Dynamic—Restrictions applied to granted permissions at runtime. For example, if a user has the DeleteQuotePermission, they can be restricted from performing this operation by using a dynamic restriction.

    Dynamic restrictions are defined at the user or user role level. Each restriction is defined for a specific permission.

    In addition, each condition has a business type to which the restriction applies. Supported business types for restrictions are:

    • Quote
    • Sales Item

Permissions

Available permissions defined in application schema are:

  • All Permission (ALLPERMISSION)
    • Admin Permission (ADMINPERMISSION)
    • Flint Permission (FLINTPERMISSION)
    • Create Permission (CREATEPERMISSION)
      • Create Quote Permission (CREATEQUOTEPERMISSION)
        • Create Sales Item Permission (CREATELINEITEMPERMISSION)
      • Create Account Permission (CREATEACCOUNTPERMISSION)
      • Create Opportunity Permission (CREATEOPPORTUNITYPERMISSION)
    • Read Permission (READPERMISSION)
    • Update Permission (UPDATEPERMISSION)
      • Update Quote Permission (UPDATEQUOTEPERMISSION)
      • Update Quote Status Permission (UPDATEQUOTESTATUSPERMISSION)
        • Update Sales Item Permission (UPDATELINEITEMPERMISSION)
      • Update Account Permission (UPDATEACCOUNTPERMISSION)
      • Update Opportunity Permission (UPDATEOPPORTUNITYPERMISSION)
    • Delete Permission (DELETEPERMISSION)
      • Delete Quote Permission (DELETEQUOTEPERMISSION)
        • Delete Sales Item Permission (DELETELINEITEMPERMISSION)
      • Delete Account Permission (DELETEACCOUNTPERMISSION)
      • Delete Opportunity Permission (DELETEOPPORTUNITYPERMISSION)

As shown in the following hierarchy illustration, lower-level permissions are inherited.

Hierarchy of CPQ permissions

For example, users granted the higher-level permission CREATEPERMISSION inherit the Create Quote, Create Sales Item, Create Account, and Create Opportunity permissions.

The system checks permissions with each REST/Service call. The system evaluates restrictions only for specific operations. These are:

  • Quote
    • Quote deletion
    • Quote update
    • Quote status update (workflow / approval actions)
  • Sales Item
    • Sales item deletion

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.