Note: you must not delete or rename the Default and HR security scopes!

In each GN4 system there are two default security scopes that must not be renamed or deleted: Default and HR.

The Default security scope handles all but the planning of user gaps, that is handled by the HR security scope.

About userGap objects and HR security scope

Each userGap object composing the user calendars is associated to a securityScope object via the 'userGap.scopeRef' attribute. This securityScope defines the access permissions on the userGap objects.

The 'New' function of the 'User calendars' page creates the userGap objects in the 'HR' (for 'Human Resources') securityScope - that MUST exist in the system. This security scope grants editing permissions to the members of the 'Administrators' and 'HR' groups, and only view permissions to members of 'Everyone', so a user must be either a System Administrator or member of the 'HR' group to be able to edit user calendars.

Expiration: The 'HR' securityScope is associated with a 'HR' partition, that defines an expiration rule for userGap objects removing (spiking) them as soon as their end date-time is less than the current date-time. This means that as long as the standard configuration is not modified all the userGap created in the 'User calendar' page will be removed as soon as they are in the past.