Federated Search by Role Tenancy Permissions

Idea created by russell.pope on Sep 3, 2015
    Not planned

    Currently the search results returned by the federated search adapter will filter results from sharepoint based on the contacts tenant (including public results also).


    This differs from EBR search functionality in a number of ways:


    1] Generally access to data in SDM is based on the tenant read permissions associated with the contacts active role and not the contacts tenant. In a multi tenanted system agents will have multiple roles or roles with permissions to view multiple tenants so they can manage the creation of tickets for a number of customers. Where federated search restricts these users to tenants associated with their contacts tenant this restricts their ability to make use of tenanted knowledge when dealing with end users.

    2] Knowledge can be further restricted by group membership - federated search does not filter based on this additional permission constraint and therefore the user will have results returned only to find they do not have the permissions to view when they click on the  link.


    This functionality should be enhanced to make it more usable by implementing similar access controls for knowledge and other objects types as is found in standard SDM search functionality.