Programming codex

Maximo Advanced Security Configuration – Data Restrictions

Maximo Advanced Security Configuration – Data Restrictions

[ad_1]

Advanced Security Configuration – Data Restrictions

Data Restrictions are part of the setup of the Security Groups and can be found in the Go To menu under Security > Security Groups. Data Restrictions can be set up for any of the groups from the Data Restrictions tab and can be used to:

– Restrict visibility of entire objects – this would be used to limit users from viewing particular Purchase Order, for example, those of other departments

– Restrict visibility of particular attributes – this is used to stop particular users from viewing some of the details of particular records

– Restrict visibility of collections – restrict particular users to view only particular sets of items or companies

Before setting up Data Restrictions it necessary to set up Conditional Expressions.

Setting-Up Conditional Expressions

Conditional Expressions are setup from the Conditional Expression Manager application which can be found in the Go To menu under Administration > Conditional Expression Manager. A conditional expression is made up of the following details:

Attribute – Description

Condition Code – A reference code for the expression

Description – A brief description of the condition

Type A value, either CLASS or EXPRESSION that defines whether the condition is attached to Java Class or SQL Expression

Expression SQL – Where Clause containing the condition under which expression is positive or negative

Class – This is a reference to the Java class which needs to be called by this Conditional Express

Always Evaluate – The always evaluate check marks should be checked for complex expressions which include references to other fields. This way the field will be re-evaluated when changes to other fields occur. Re-evaluation has a processing overhead.

Reference Count – This is a read-only field that gives the details on how many times this condition is used within particular areas of the system.

Applying the Data Restriction

Data Restrictions are applied in the Security Groups application on the Data Restriction application. The tab contains three sub-tabs:

– Object Restrictions

– Attribute Restrictions

– Collection Restrictions

Object Restrictions

The object restrictions tab is used to create controls against an object such as work orders, purchase order or items. It includes the following fields:

Attribute – Description

Object – The name of the object

Application – The name of the application to which the restriction should apply, if left empty it will apply to all applications

Type – This field includes the following choices:

– READONLY – the object fulfilling the condition will be shown but will be read-only

– HIDDEN – the object will not be shown in the application

– QUALIFIED – the object will not be shown in applications or look-ups

Re-Evaluate – Same as above

Condition – The condition to be used for this restriction. All objects which fulfill the condition will be restricted.

Attribute Restrictions

The attribute restriction is used to hide a particular attribute, such as the labor rate, or total contract value.

Attribute – Description

Object – The name of the object to be restricted

Attribute – The name of the attribute to be restricted

Application – The name of the application to which the restriction should apply, if left empty it will apply to all applications

Type – This field includes the following choices:

– READONLY – the attribute fulfilling the condition will be shown but will be read-only

– HIDDEN – the attribute will not be shown

– REQUIRED – the attribute fulfilling the condition will be shown and will be required

Re-Evaluate – Same as above

Condition – The condition to be used for this restriction. All objects which fulfill the condition will be restricted.

Collection Restriction

The collection restriction tab is used to give the group access to particular collections.

Example – Setting-Up a Conditional Expression to make Purchase Orders of a particular supplier read-only for a particular group:

1. Go to the Condition Expression Manager application

2. Create a new Conditional Expression by clicking on the New Button and add the following details:

a. Condition Code – POREADONLY

b. Description – Vendor Read-Only

c. Type -EXPRESSION

d. Expression -:VENDOR = ‘ATI’

e. Always Evaluate – true

3. On the Security Groups application select the group to which you want to add the condition

4. On the Data Restrictions tab, select the Object Restrictions tab

5. Create a restriction by clicking the New Row button and add the following details:

a. Object – PO

b. Application –

c. Type – READONLY

d. Condition – POREADONLY

Log in with a user who is part of this group and you find all the Purchase Orders related to vendor ATI as read-only.

[ad_2]

Source by Kelly Tuyen Vo

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on whatsapp

Leave a Reply

Your email address will not be published. Required fields are marked *

Search:

Topics

Recent Posts