First you will need to identify which are the security rules that provides the undesired permission and disable them.
In the below explanation, I will refer to a default environment without any existing custom rule created
Data Connection
In a default environment you should not, by default, see anyone's data connection except if you are the owner
You cannot disable the rule that provides access to a user owning a data connection. However you can create rule to control which data connection are visible to which users.
Example:
Filter: DataConnection_DataConnection_ID
Action: Read
Condition: user.name="Username"
There is also a default rule allowing anyone to create data connection that can be disabled if required which is called: DataConnection
Create Apps
Again, there is a default rule called CreateApp allowing anyone to create application.
So you will need to disable this one and create a new one following your requirement.
Example:
Filter: App_*
Action: Create
Condition: user.name="Username"
Finally, note that the condition is very simple in my example. You can build up more complex condition based on custom properties or AD groups so that you don't have to add the username manually every time you want to provide access.
Make sure to test this in a test environment first to avoid the user to be directly impacted while building your security rule setup.
Hope this helps!
Bastien Laugiero If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.
First you will need to identify which are the security rules that provides the undesired permission and disable them.
In the below explanation, I will refer to a default environment without any existing custom rule created
Data Connection
In a default environment you should not, by default, see anyone's data connection except if you are the owner
You cannot disable the rule that provides access to a user owning a data connection. However you can create rule to control which data connection are visible to which users.
Example:
Filter: DataConnection_DataConnection_ID
Action: Read
Condition: user.name="Username"
There is also a default rule allowing anyone to create data connection that can be disabled if required which is called: DataConnection
Create Apps
Again, there is a default rule called CreateApp allowing anyone to create application.
So you will need to disable this one and create a new one following your requirement.
Example:
Filter: App_*
Action: Create
Condition: user.name="Username"
Finally, note that the condition is very simple in my example. You can build up more complex condition based on custom properties or AD groups so that you don't have to add the username manually every time you want to provide access.
Make sure to test this in a test environment first to avoid the user to be directly impacted while building your security rule setup.
Hope this helps!
Bastien Laugiero If a post helps to resolve your issue, please mark the appropriate replies as CORRECT.
