Object user actions are configurable instances of a Record Action that you can define for an object and its object types. Defining user actions for an object allows your users to perform specific actions on that object. Once configured, users can select these actions from an object record’s Actions menu. Unlike document user actions, object user actions are not tied to a specific lifecycle. Record Actions are created with the Vault Java SDK to meet your organization’s specific business needs.
Viewing Object Actions
You can view available object actions from Admin > Configuration > Record Actions.
Accessing Object Action Administration
You can assign object actions to a specific object from the Actions tab in Admin > Configuration > Objects > {Object} > Actions.
Assigning Actions to an Object
To assign an action to an object:
- Navigate to Admin > Configuration > Objects > {Object} > Actions.
- In the Actions tab, click Create.
- In the Create Action dialog, select a custom action from the Select Action drop-down. This drop-down shows all custom actions available for this object.
- Click Continue.
- Optional: Modify the Label, Status, and Name. The Label appears to users throughout your Vault. The Status indicates whether the action is active or inactive. The Name identifies the action through the Veeva API.
- Optional: Enter a Description. This description only appears on the action’s configuration page.
- Optional: Select the Available in All Lifecycle States setting. This setting allows users to select this action no matter the record’s lifecycle state. If you unselect this setting, you must manually add the action to each applicable lifecycle state. This setting is selected by default and only available if the object is associated with a lifecycle. If this setting is cleared on a user action currently configured in a lifecycle state, selecting it again returns an error. You must remove the lifecycle configuration before enabling this setting again. By default, the object action is available to all object types on the object only if Available in All Lifecycle States is not selected. If the setting is enabled, you can manually assign the object action to object types as needed.
- Click Save. If this object is associated with a lifecycle, Vault prompts you to set Atomic Security defaults for each lifecycle state.
Note: The Available in All Lifecycle States setting is not supported for some application family object actions. Refer to your application’s Vault Help documentation for any recommendations when configuring Veeva-provided object actions.
Configuring Action Level Security
Action Level Security (ALS) provides a unified way to secure object actions. You can configure ALS at two levels:
- Profile Level Security allows you to configure permissions at the Security Profile level for actions across all lifecycle states. See details about configuring Profile Security below.
- Atomic Security allows you to control which object actions or lifecycle actions are hidden, viewable (visible but grayed out), or executable (visible and clickable) for object records by lifecycle state and role. See Configuring Atomic Security for Objects for more information.
Configuring Profile Level Security on Actions
You can modify permission sets to assign View and Execute permissions on object actions at the Security Profile level. Security at this level provides another layer of control and allows your organization to dictate which users can see and select an object action from an object record’s Actions menu.
To assign object action permissions at the Security Profile level:
- Navigate to Users & Groups > Permission Sets > {Permission Set} > Objects > {Object}.
- In the Object Action Permissions section, click Edit. This section only appears for objects with configured actions, and also appears for permission sets configured with the All Object Record Read or All Object Record Edit permissions.
- Select the View and Execute checkboxes to assign permissions for All Object Actions or for specific actions. Note that when you assign an All Object Actions permission, the permission will apply to all future actions added to the object.
- Click Save.
Object actions execute with System-level permissions. For example, if a user has access to execute the Create Related Product Records object action but does not have explicit permission to create Product records, they can still execute the action to successfully create the related Product records.