Maximo Advanced Security Configuration – Data Restrictions
Advanced Security Configuration – Data Restrictions
Data Restrictions are part of the setup of the Security Groups and can be found in the Go To menu under Security > Security Groups. Data Restrictions can be setup for any of the groups from the Data Restrictions tab and can be used to:
– Restrict visibility of entire objects – this would be used to limit users from viewing particular Purchase Order for example those of other departments
– Restrict visibility of particular attributes – this is used stop particular users from viewing some of the details of particular records
– Restrict visibility of collections – restrict particular users to view only particular sets of items or companies
Before setting up Data Restrictions it necessary to setup Conditional Expressions.
Setting-Up Conditional Expressions
Conditional Expressions are setup from the Conditional Expression Manager application which can be found in the Go To menu under Administration > Conditional Expression Manager. A conditional expression is made up of the following details:
Attribute – Description
Condition Code – A reference code for the expression
Description – A brief description of the condition
Type A value, either CLASS or EXPRESSION that defines whether the condition is attached to Java Class or SQL Expression
Expression SQL – Where Clause containing the condition under which expression is positive or negative
Class – This is a reference to the Java class which needs to be called by this Conditional Express
Always Evaluate – The always evaluate check mark should be checked for complex expressions which include references to other fields. This way the field will be re-evaluated when changes to other fields occur. Re-evaluation has a processing overhead.
Reference Count – This is a read-only field which gives the details on how many times this condition is used within particular areas of the system.
Applying the Data Restriction
Data Restrictions are applied in Security Groups application on the Data Restriction application. The tab contains three sub-tabs:
– Object Restrictions
– Attribute Restrictions
– Collection Restrictions
Object Restrictions
The object restrictions tab is used to create controls against object such as work orders, purchase order or items. It includes the following fields:
Attribute – Description
Object – The name of the object
Application – The name of the application to which the restriction should apply, if left empty it will apply to all applications
Type – This field includes the following choices:
– READONLY – the object fulfilling the condition will be shown but will be read-only
– HIDDEN – the object will not be shown in the application
– QUALIFIED – the object will not be shown in applications or look-ups
Re-Evaluate – Same as above
Condition – The condition to be used for this restriction. All objects which fulfil the condition will be restricted.
Attribute Restrictions
The attribute restriction is used to hide particular attribute, such as the labor rate, or total contract value.
Attribute – Description
Object – The name of the object to be restricted
Attribute – The name of the attribute to be restricted
Application – The name of the application to which the restriction should apply, if left empty it will apply to all applications
Type – This field includes the following choices:
– READONLY – the attribute fulfilling the condition will be shown but will be read-only
– HIDDEN – the attribute will not be shown
– REQUIRED – the attribute fulfilling the condition will be shown and will be required
Re-Evaluate – Same as above
Condition – The condition to be used for this restriction. All objects which fulfil the condition will be restricted.
Collection Restriction
The collection restriction tab is used to give the group access to particular collections.
Example – Setting-Up a Conditional Expression to make Purchase Orders of a particular supplier read-only for a particular group:
1. Go to the Condition Expression Manager application
2. Create a new Conditional Expression by clicking on the New Button and add the following details:
a. Condition Code – POREADONLY
b. Description – Vendor Read-Only
c. Type -EXPRESSION
d. Expression -:VENDOR = ‘ATI’
e. Always Evaluate – true
3. On the Security Groups application select the group to which you want to add the condition
4. On the Data Restrictions tab, select the Object Restrictions tab
5. Create a restriction by clicking the New Row button and add the following details:
a. Object – PO
b. Application –
c. Type – READONLY
d. Condition – POREADONLY
Login with a user who is part of this group and you find all the Purchase Orders related to vendor ATI as read-only.
sql
#Maximo #Advanced #Security #Configuration #Data #Restrictions
Will be pleased to have you visit my pages on social networking .
Facebook page here.
Twitter account is here.
Linkedin account here
Post byBedewy for info askme VISIT GAHZLY
