TPM allows Application security to restrict the actions members of a security group can perform when using the application.
Is there a way to restrict thew application access to limit which records can be used as well?
For example, I give members of security group A read-only access to the "Provisioning Workflows" application. However, I also want to limit them to only read specific workflows generated from a query (e.g. only workflows containing the string "KVM"). Is this possible, and if so what are the steps?
I do not see this documented in the users guide. If it is documented somewhere else, feel free to point me to it. Thanks!
This topic has been locked.
1 reply Latest Post - 2012-09-13T14:55:35Z by JennyNa
Pinned topic TPM 7.2.1 - Restrict viewable records within an Application?
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2012-09-13T14:55:35Z at 2012-09-13T14:55:35Z by JennyNa
JennyNa 270001YFA32 PostsACCEPTED ANSWER
Re: TPM 7.2.1 - Restrict viewable records within an Application?2012-09-13T14:55:35Z in response to SystemAdminHi,
yes, it is possible. You can follow these steps:
1. Go To -> Security -> Security Group and select the security group you want to configure
2. In Data Restrictions tab, go to the "Object Restrictions" tab and click on New Row. Fill the restrictions with these values:
- Object : TPWORKFLOW
- Application : TPWORKFLOW
- Type : QUALIFIED
- Reevaluate : true
- Condition : click on the arrow and "Go To Conditional Expression Manager" and define a new condition in this way:
* Condition : the name of the condition
* Type : Expression
* Expression : the query to filter the workflows, in your case " :workflow_name like '%KVM%' "
* Always Evaluate : true
3. Save the changes made to the security Group
Now, logging in with a member of the security group that you configured, you would be able to see just the workflows satisfying the query.
I hope this helps you,