on 06-06-2008 4:58 PM
I don't know if anyone has had this requirement before or if there is even a way to do it, but I thought I would throw it out there.
What I am looking for is a way to assign 'mutually inclusive' role/security assignments within KM.
Here is the scenario.
- You have 2 roles: RoleA and RoleB
- I want to require that users be in BOTH RoleA and RoleB to get access to a KM folder.
- If a users is only in RoleA or only in RoleB they should not see the content.
Any ideas?
HI
i think u need to use of Group concept here.
create two groups of users
Group A --- assign folder permission where user need to navigate
Group B --- assign folder permission where user need to navigate
If suppose a user ( say a manager ) who need to navigate to both the areas of group A and Group B then assign these users to bith the group.
now create a KM navigation iview and assign this iview to role and assign this role to both the group.
so when end user navigates to km folders using this iview he can only see folder where he has permission.
This is my approach and there could be even other way to do it .
Regards,
Vijay.
ps: u need to remove read permission of everyone group from this KM folder if it was previously assigned.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi
craig wrote :Also, the permissions MUST be at the KM level. There is searching involved, so I cannot 'hide' any content via iView access.
according to this concept following is possible
1) u define permisssion at the km level.
2) user from group when search for the document he will be retrieving only the document what he had read access
i dont find any obstacle in this concept and i am sorry if i could not match the one wht u r thinking to achieve.
regards,
vijay.
Hi
will ellaborate with an example
assume there are 2 folder
folder A -- should be visible to only Group A
folder B -- should be visible to only Group B
So some special user who need to access Group A & B , so assign this user to both these groups so only these user cana access both the folder.
or another way
create group c assign these special user here and assign read access to both the folder to this group c
this way sound bit childish to me
now coming to search part.
in order to make things simple just index these folders and do not assign any permission during indexing , just leave that area empty.
the fact that if u r not assigning permission it will by default assign read permission to these folders and while displaying during search result it will filter the document according to the permission u set in km level.
my suggestion is to implement a pilot project for test purpose based on this concept and u can achieve what u want.
Regards,
vijay.
I appreciate your diligence with this, but I still don't think we are on the same page.
Here is the scenario again..
UserA is in GroupA
UserB is in GroupB
UserA-B is in BOTH GroupA and GroupB
I want to have a folder where only UserAB can see the content.
UserA would not see the content
UserB would not see the content
UserA-B would see the content.
If you have any more suggestions please contact me directly
Hi Craig,
Guess, this blog answers your question.
https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/6340
Hope it helps.
Cheers,
Sandeep Tudumu
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
84 | |
10 | |
9 | |
8 | |
6 | |
6 | |
6 | |
5 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.