Alert action permissions
Depending on the user roles that you have, you can configure alert action permissions for available alerts.
For example, you can adjust alert actions permissions for the Search and Reporting app. You can change what alert actions are available to users who create an alert in this app.
To review and change alert actions permissions, use the Alert actions manager page. For more information, see Using the alert actions manager.
Alert actions are knowledge objects. To learn more about managing knowledge object permissions, see Manage knowledge object permissions in the Knowledge Manager manual.
Configure roles for fine-grained management of alert action objects
You can give any role the ability to update the properties and ownership details of any alert action knowledge object. You do this by assigning a number of capabilities to the role: edit_alert_actions and list_alert_actions.
This set of capabilities gives you precise control over who can make changes to alert action knowledge objects. The capabilities collectively override existing access control lists (ACLs) for alert actions, which means that users who hold these capabilities do not need roles with read or write capabilities to the saved searches or their properties or owners.
Where applicable, use the edit_alert_actions and list_alert_actions capabilities to let roles update alert action properties and owners, rather than the admin_all_objects capability.
The following table describes what the new capabilities do and how you can use them to grant permissions for managing saved searches.
| Capability | Description |
|---|---|
edit_alert_actions |
Lets a user edit all alert actions in the system. This capability lets the role edit these fields for a saved search even if they do not have explicit write permissions defined in the saved search ACL. |
list_alert_actions |
Lets a user list all alert action fields in the system, including the privileged alert actions fields, such as the Open Authorization (OAuth) fields, regardless of the access control lists (ACLs) for the alert actions endpoints. Currently, every user can list alert actions except the OAuth fields. Privileged fields are under the [email] stanza, including the auth_password, auth_username, oauth_client_secret, oauth_client_id, oauth_scope, and oauth_url fields. |
After you assign these capabilities to a role, you can then assign the role to users to give them the ability to see all alert actions on the system or edit alert action properties.