All,
I have started to look at a clean install (no existing db) of v7.1 in
some detail and I have found a few interesting things.....
Has anyone noticed the OOB Web Services that are in the base Server?
I see three Public (Group access) web services:
User
Roles
Group
The form permission for the forms are as such:
User: Public(hidden)
Group: Administrator (only)
Roles: Administrator (only)
So the User Web Service and the form it points at (User) are Publicly
accessible.
However.... User's field 1 only has one group with access to it. Drum
role.... "AssigneeGroupAccess". (No I did not stutter.) Which turns
out to be 'Group ID' = 60988. ( Field 2 and 4 no longer have access to
the records unless their 'Login Names' are added to the 'Dynamic Group
Access' (field ID 60988) field.
Ok.. so the data should be safe by default. However this construct
raises a few questions for me too...
I wonder if the installer does the "super smart thing" and reviews the
permissions on field 1 on the User form before the changes and adjust
the permissions on the field 1 and/or the data in 'Dynamic Group
Access' after the changes? Or maybe it will just stomp on the User
form (like it has in previous upgrades and trash the customizations
that customers have made to the permissions? (and then leave the
existing data totally unaccessible to anyone except admin?)
Has anyone attempted to upgrade an existing server to v7.1 and have
had customizations to the permissions on the form/fields? (Any one
know if the customizations were stepped on or maintained?)
OH.. and the 'Status' field actually has two values now.
("Current"(0), and "Disabled"(1)) And there is an OOB filter
(User:SetUserStatusCurrent) that test for "( 'Status' = 20) AND ...".
So I doubt that filter will ever be true. :( Maybe some of the OOB
apps add more 'Status' values to the User form?)
Just wondering....
--
Carey Matthew Black
Remedy Skilled Professional (RSP)
ARS = Action Request System(Remedy)
Love, then teach
Solution = People + Process + Tools
Fast, Accurate, Cheap.... Pick two.
_______________________________________________________________________________
UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the
Answers Are"
