Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hello Everybody,
There is my problem :
I've implemented a specific security in a production environement (I'm an administrator).
Only admins can publish and manage application on production. But delegated Admin have access to the QMC to see the Apps on which they are responsible for. They just have a "view" right. We don't want they edit the App, modifying Custom Properties for example.
I would like that through the QMC they can launch the tasks refering to the specific Apps on which they are responsible for. They musn't have the right to edit these task.
Today all is mainly OK, except that when they launch the task, they have the error "Insufficient privilege".
The only way I've found to resolve this is to allow "edit" right on the App (and I don't want this).
So, is it possible to authorise to launch the task but not giving the "edit" right on the task nor on the App ?
I hope I've been clear enough
Thank you for your return,
Alexandra
Unfortunately, I don't think there's any way to do that with the current limitations of the Security Rules engine (or if there is, I have no idea how to achieve it). That said, most of the information you're looking to make available can be read from the repository database, we have an in-house app set up to do exactly that (it also ties into our active directory and customized permissions setups so we can see all this stuff in one place). You could try that route.
You're going to have to give users Update permissions on the apps in question, but this shouldn't actually be a problem providing:
* Users should have update permissions only for QMC, not Hub / Both
* Users should not be given access to the "Apps" section in QMC, only the "Tasks" section.
Within this framework, I don't think there's any way for these users to actually modify the apps.
Hi,
Thanks for your response. Indeed if I hide the App section I've no problem anymore.
But I really wanted to let them access this section to verify all the Apps published , the tags, informations of last date of publication, the CustomProperties applied etc ....
But it doesn't seems compatible.
It's true that many of these informations are available through the Hub ... I'll see ...
Unfortunately, I don't think there's any way to do that with the current limitations of the Security Rules engine (or if there is, I have no idea how to achieve it). That said, most of the information you're looking to make available can be read from the repository database, we have an in-house app set up to do exactly that (it also ties into our active directory and customized permissions setups so we can see all this stuff in one place). You could try that route.
Yes, I'll try this way.
Thank you !