In reply to: Ralf Kühne (VSB)
if you use Jva Script for this, traceability might also become problematic. The actions for adding, removing and changing item list entries only work on a per-instance basis. If you want to add an entry "from outside", these do not work. (e.g. assume a for-ech automation)
With the SQL procedures, the changes in the item list are at least visible, even if not under the name of the executing person.
Finally, there is still the use of the WEBCON REST API ... which can also be used to create item list entries.
you have a point there. I was focused on the fact that less experienced users will read this and may do something which cause undesired side effects. On the other hand, non experienced users won't be able to use the procedures.
I'm wondering whether this would be possible with R3
From the change log:
Changed the scope of privileges and the dedicated database read
The change applies to systems where a dedicated Database read account
was defined during installation (the account for which SQL COMMAND rules
and all SQL queries using Default connection are executed).
When upgrading the system to the latest version, a database user named
BPS_User will be created in all content databases with read permissions for
selected tables and views. If a BPS_User user exists in the database, their
privileges will be extended accordingly. The detailed scope of privileges
granted to BPS_User is available in the dbo.proc_GrantLowPrivileges()
After upgrading the system, all queries performed so far by the system in the
context of the dedicated Database read account will be executed in the
context of BPS_User.
For newly created installations, all queries using the Default connection and
queries executed in SQL COMMAND rules will always be executed in the
context of BPS_User. It is not possible to change this behavior.
If I understand this correctly, any query will be executed with the read account and it won't be possible to execute and modification query. At least without changing the permissions of the user yourself.