on 06-01-2013 11:33 AM
Hi,
Having a look at admni guide and see overal apendix of all the varios rights (ch 27) - e.g create reports, edit reports.
Have a few questions.
1) We wish to give access to the Writes group permission to create and delete own reports in theire departmental folder but not have permission to delete
reports owned by other users in that department. We are using custom access levels and need to ensure the appropriate rights are in these access levels. How is this best achieved with regards delete privilege? Is it the case that by default a user cannot delete objects they don't own?
Is it a case of ensuring right delete objects is not set but dlete objects taht user owns is set?
2) Denying access to CMC is this best done done via Applications/CMC/ and remove access to Everone group to cmc. Just want to check before do this will can still use as Administrator users. Is this the case?
Thanks
Hi Philip,
To answer your questions
1. Your custom access level should only include " delete objects that the user owns" instead of "Delete Objects". By default user who owns the report will be having full control to those objects. including "Delete Objects" right will leads to accidental deletion and if the object is not owned by the user. they can still delete if you granted "Delete Objects".
2. If you deny access to CMC to Everyone group even Administrators will also be denied access for that. the right way is to
- Make access to CMC for everyone group at Application level - the Right is "Login to CMC" as unspecified.
- grant access to only Administrators group
give a try and let me know how it goes.
Regards
Mani
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Mani,
Thanks for reply.
Re option 2
Had had look at Applications/CMC and can see Everyone group has View access by default.
Looked at rights included within View and don't see right Login to CMC - how can theybe getting access to CMC when we have not explicitly granted this right to them?
Given that Administrators have Full Control on Applications/CMC if simply remove the Everyone Group form this would this be O.K?
i.e. not explicitly denying and Administartors group still be left with access.
Thanks
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.