Permission Handling During Application Upgrade

During the process of upgrading an application, the platform assesses whether to restore permissions and components from the source application or to retain those present within the destination environment. This determination is contingent upon the specific application type and the upgrade methodology employed.

This document provides a comprehensive explanation regarding the administration of permissions, components, and roles throughout the various lock statuses encountered during the application upgrade process.

  • UL - Unlocked

  • PL - Partially Locked

  • FL - Fully Locked

Upgrade Methods and Override Behavior

  • The overrideChanges option is not available for PL and FL applications when upgrading using the Update From XML option in the platform UI.

  • For FL applications, the overrideChanges option is always enabled when upgrading from the original LCAP Marketplace application.

Permission Handling During Upgrade

During an upgrade, permission outcomes follow these general rules:

  • Source permissions might replace destination permissions.

  • Destination changes could be kept.

  • The result is dependent upon the following factors:

    • The lock status of the application.

    • If the component, object, or role already exists.

    • Any override settings used during the application upgrade

Existing Components

Permissions Configured Exclusively in Source

In scenarios where permissions are appended to an existing component within the source application, while the corresponding component in the destination remains unaltered:

  • The permissions defined in the source are reinstated during the upgrade process.

  • The state of the destination component does not influence the upgrade outcome

Result: Source permissions are applied.

Permissions Modified in Both Source and Destination

In cases where permissions on an existing component are altered in both environments:

  • Source permissions are reinstated when the Override Permissions option is enabled.

  • Destination permissions are maintained when the Override Permissions option is disabled.

Result: The outcome depends on the override configuration settings.

New Components

Components Added in Source

When a new component or object is introduced in the source application:

  • The component and its associated permissions are consistently restored during the upgrade process.

Result: The source component is instantiated within the destination environment.

Components Added in Destination

UL and PL Applications

  • Components added in the destination environment are retained throughout the upgrade.

Result: The destination component remains unaltered.

FL Applications

  • Components added in the destination environment are removed when override behavior is enforced.

Result: The destination component is deleted.

Role-Based Permission Handling

Roles Added in Source

When a new role is created within the source application:

  • The role and its associated permissions are reinstated during the upgrade.

Result: The source role is applied to the destination environment.

Roles Added in Destination

UL and PL Applications

  • Roles established in the destination environment are preserved.

  • Permissions may be overridden contingent upon upgrade configuration settings.

Result: The role exists; permissions are subject to override behavior.

FL Applications

  • Roles established in the destination environment remain intact.

  • Permissions may be superseded during the upgrade process.

Result: The role exists; permissions may be replaced.

Notes

Always check permission changes after upgrading the app.

Fully Locked (FL) apps may remove customizations made at the destination.

Upgrade actions are limited to given override options and can't be customized further.