• Replies 6 replies
  • Subscribers 23 subscribers
  • Views 13373 views
  • Users 0 members are here
Options
Related

Object Level Restrictions or Permissions

Maddy
Offline
Hi Experts, I have created one Item Type called "Project", which does not have any lifecycle or workflow, the workflow is for Document which is in "Project Document" relationship,  Under which different Identities will work. So, is it possible to restrict User1 to edit other Project Item which is created by User2?  How could I manage this? Both User1 and User2 should work on different Project Item and will not able to access each other Project Item.   Regards, Maddy.
  • Offline
    Hi Maddy, I believe you could accomplish this by adding the Creator and/or Owner Identities to the Permission of this custom ItemType you've created. These Identities map to the created_by_id and owned_by_id properties on each individual item respectively. This means that if you give Update permissions to only the Creator identity, only the user who created the item will be able to lock it and make edits. Chris ___________________________________________________ Christopher Gillis Aras Labs Software Engineer
  • Offline
    Thank you, Christopher, for your quick reply.
  • Offline
    Hi Chris, I tried what you have suggested but I am not getting how to configure this is in my case. Here is my scenario: Two Project Object will be created (Don't have any LifeCycle or Workflow For this Item)
    1. <b>Project1 </b>
    2. Project2
    3. for Project1  Identities will be - Project1  Document Controller, which contains dc1 and dc2 users. and Project1 Manager, which Contains  pm1 and pm2 users.
    4. for Project2 Identities will be -   Project2  Document Controller, which contains dc3 and dc4 users. and Project2 Manager, which Contains  pm3 and pm4 users.
    So, I want to restrict to Project1 users to edit/update the Item which will be created by Project2 users. How should I design the permission for this Customise Item Type? and how to utilize the Creator/Owner Identities amongst these users.  
  • Offline
    So If I create an Identity like Project1 Users and will add Project1  Document Controller and Project1 Manager in it. and also Project2 Users and will add Project2  Document Controller and Project2 Manager,  and add these newly created Identities in Can Add(Custom ItemType), so is it a good way to achieve what I want?
  • Offline
    Hi Maddy, I had initially thought your use case was only between individual users and not between Alias Identities. In this case, I would recommend looking at this post in the Aras knowledge base which covers how to dynamically assign permissions to an Item based on item properties. To make this fit with your use case, you could pull what the "created_by_id" of the Project is and check to see if it is a member of either Project1 Users or Project2 Users. If the user who created the project is a member of Project1 Users, you can give all Project1 Users edit permissions. Likewise, you can give all Project2 Users edit permissions if the user who created the project is a member the of Project2 Users group identity. Chris _________________________________ Christopher Gillis

Copyright © 2024 Aras. All rights reserved.