Interesting question!!
I'm on 7.0.1 Patch 1, and did some testing with the HPD:Incident Management Console (and the management view within), and taking API+SQL Traces, the queries executed as defined by FB Variables, without any "extra" sql attached, (Field 1, 3, 112, 60000... restrictions).... It also executes as the user context 'Mid-tier', which is the internal account, so it might be thought of as an "Administrator" level account. I was hoping to find an "Impersonate User" entry in the API Log, but alas, none was found. (hum, that IS logged right??) I DID see where Mid-Tier was getting the user's group list, etc but nothing was in the SQL Query. I will (as Joe is going to do as well), perform some additional testing, because that is an interesting conundrum of data-access... Thanks-n-advance; HDT Platform Incident / Problem Manager & Architect Robert Molenda IT OS PA Tel: +1 408 503 2701 Fax: +1 408 503 2912 Mobile: +1 408 472 8097 [EMAIL PROTECTED] Quality begins with your actions. ________________________________ From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Joe D'Souza Sent: Monday, September 10, 2007 12:07 PM To: [email protected] Subject: Re: Row level access with flashboards Hello Jason, I don't really have an answer to what you are facing but in case you do hear something about what you have observed, please do let us know. Its a nice to know sort of thing.. I may have time over this week to simulate what you are seeing so if you can give me a test case scenario of what you are seeing I'll check to see if I can replicate that on my free time. I am however on a slightly different patch level - ARS 7.0.1 P3.. Soon I intend to upgrade to 7.1 as its a dev/test system, so could check on both these versions. Cheers Joe -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] Behalf Of Jason Miller Sent: Friday, September 07, 2007 6:50 PM To: [email protected] Subject: Row level access with flashboards ** Hi all, I noticed a strange behavior with flashboards and row level access. I am working with the OOTB Remedy Support console in ITSM 6. I have added row level access on the various forms (Help Desk, Change, Task) and those permissions are pushed to the SHR:ConsolidatedList record. The problem is if I login as a user who can only see a limited set of records I still see all of the groups and their record counts in the By Group flashboard ('Flashboard2'). This user should not have any knowledge of who the other groups are in the system and their ticket volumes. I know the row level permissions are working on the SHR:ConsolidatedList form (also where the FB data is coming from) because the user only see the correct records in the table field. Do flashboards recognize row level access? Is this a bug? As designed? Thanks, Jason ARS 7.00.01 p2 ITMS 6 CMDB 1.1 p3 MS SQL App/DB/MT on Win 2003 IIS 6 __20060125_______________________This posting was submitted with HTML in it___ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
