Skip to Content
0
Feb 08, 2013 at 10:17 PM

Remove bucket modify from users but still allow item create/change

306 Views

Hi Experts: we recently upgraded our RPM system to 500_702 and we have found that users are able to edit buckets. We set our authorization controls at the portfolio level so it is inherited downward. The access levels are defined to roles not directly to users. They do not have the ACO_SUPER object assigned. All checking on the back during a trace fails so it is nothing on the PFCG object level.

What I am looking for is how to turn off bucket level access but still retain the item level access required by the user. We still want to set the controls at the portfolio level and inherit accordingly.

These are inherited to all buckets related to that portfolio. When a users clicks on Portolfio Structure from the options it pulls up a list of buckets. The user is able to select these and modify. We want them only to be able to display. My understanding is if we change the authorizations at the bucket level to read only then that is what is inherited at the item level. We need them to be able to edit at the item level but not the bucket without performing item level authorizations.

I tried to attach screenshots .jpeg or .png but kept getting content type not allowed.

Appreciate any suggestions.

Thanks

Kathy Brethouwer

Molex Incorporated

Sr. Systems Analyst - Security