AnsweredAssumed Answered

Role Owner - View Only (Security Context)

Question asked by Clive Morrish Employee on Jan 19, 2018
Latest reply on Mar 21, 2018 by Clive Morrish

Hi,

 

I have a requirement to restrict Role Owners from being able to Add Members and Entitlements. This restriction needs to occur in the UI so Role Owners can't edit their role but also within Role Reviews.

 

 

 

There will still be a requirement for Administrators to be able to add members/entitlements, so it is a not an option to change the configuration of the Role to deny users/entitlements.

 

The only way I can think to achieve this is by amending the Security Context file. I've tried uploading the following but am not seeing the expected results.

 

SECURE_OBJECT_TYPE,NAME,ACTION,IMPLICIT_HAS_QUERY,IMPLICIT_BS_CHANGE,IMPLICIT_BU_CHANGE,SCOPE_TABLE,SCOPE_FILTER
Role,Backup Owner,View,scope,,,v_av_latest_roles,backup_owner_id=${id}
Role,Owner,View,scope,,,t_av_roles,owner_id=${id}

 

Is the Security Context file the right approach? If so, where am I going wrong?

Has anyone else had success in achieving the above?

 

Thanks in advance,

Clive

Outcomes