Read security provides a limited form of access control
that predates access control lists (ACLs). ACLs govern read/write
security and are typically administered at the group level. Read security,
however, is administered at the individual user level and governs
only whether CRs are visible, not writable.
Before you begin
If a user has been assigned a read security value, that
value is stamped on the CR when the user submits it. Because the read
security value of the user and the one stored on the CR match, the
user can view the CR.
A user can view all CRs in the following
cases:
- When the read security value if that user is not set. In this
case, the user does not have read-security restrictions.
- When the read security value of a user is set, but a read security
attribute is not defined in the CR process.
For example, if user mary has a read
security value of TXB Corp (as assigned by the administrator),
the company_id attribute is assigned the value TXB
Corp when the user submits a CR. Also, the user mary can
view only CRs with a company_id of TXB Corp.
Procedure
To set the Read Security attribute:
- Start an Admin session.
- On the Action Panel, click Lifecycle Editor.
- In New File, type company_id attribute,
and then click Create.
You create company_id to
implement read security. Then, users can view only the CRs submitted
by their own companies.
- On the Action Panel, click Lifecycle Editor.
- Select the company_id.xml file, and then
click Edit.
- On the CR Process subbutton bar,
click Edit.
- On the General tab, in the Read
Security Attribute field, select the applicable attribute.
- Click Update.
- On the CR Process subbutton bar,
click Save As.
- In Description, type a description
of the new CR Process template.
- Click Save.
- Define access
control lists.
After the value is set, the company_id is
set to the user read security value when the user submits a CR. Also,
the user can view only CRs that have the read security value of the
user.