Restricting write access to process PA (process inheritance)
Env JAZZ 502 ifix3 single CLM install using tomcat
We are trying to set up a process project area that will be used to define a process that will be used by several "child" project areas. No users are defined as members in the process PA. In testing, users who are only members in a child PA can create records in in the process PA regardless of the setting in the access control area of the process PA. According to the access control screen it only states that users in other PAs inheriting the process will have "read" access. So why can user create records? This appears to be a security flaw. What we are trying to accomplish is to have a master process template that we as the administrators define and control the process that other PAs will inherit. We do not want users in these other PAs to create records in the process PA. |
Accepted answer
Geoffrey Clemm (30.1k●3●30●35)
| answered Nov 18 '15, 8:54 p.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER
Have you removed "Work Item -> Save Work Item" permission from the Everyone role in the master project area?
Norman Dignard selected this answer as the correct answer
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.