CA Service Management

Dear Team

How can I configure the SDM so that tickets maped to a particular group will be visible for that group only.

And also how to write the data partition constraint for that.

Hi,

Constrain for your requirement

group.[group]group_list.member IN (@root.id)

Hi Gutis

Thanks for replying.

Can you tell me how can I implement this ticket separation on my infra.

Say I have two groups I want tickets assigned to a particular group can be seen by that group's members only.

I think constraint should look like this:

group.[group]group_list.member IN (@root.id) OR group != U'xxxx'

where U'xxxx' your group uuid

e.g.

group.[group]group_list.member IN (@root.id) OR group != U'C2271BBFDE7EA14DA3C797585FEC0B5A'

We did this for one particular group.  We created a view constraint on the call_req table for all data partitions that we are using (except the Administrator partition, because we want admins to be able to see all tickets).  Our constraint allows only the members of the group the ticket is assigned to, and the affected customer in the ticket to view that ticket.

First, determine the persid of the routing group:  pdm_extract -f "select id from ca_contact where last_name = '*********'"

Here's the view constraint we have:

(group != U'2D2E4BD1543A7C498D9BCCCFDDEE7533') OR (group.group_list.member IN (@root.id)) OR group IS NULL OR customer = @root.id

Tammy

Hi Tammy

What do you mean by the routing group?

Do I have to create this constraint for each group?

But the no of constraints will be huge then because I have a lot of groups.

You can have only one view constraint for particular object per role. As I understand you have some public groups and some private groups (tickets assigned to them shall be visible only to group members)

First of all you should find what kind of groups you have more. If you have a lot of public groups and few private then you should use constraint like this:

group.[group]group_list.member IN (@root.id) OR group != U'C2271BBFDE7EA14DA3C797585FEC0B5A' OR group != U'C2281BBFDE7EA14DA3C797585FEC0C5P'

So this constraint will limit access only to assigned group members for tickets that are assigned to groups U'C2271BBFDE7EA14DA3C797585FEC0B5A' and U'C2281BBFDE7EA14DA3C797585FEC0C5P'

If you have more private groups than public you should use constraint like this:

group.[group]group_list.member IN (@root.id) OR group = U'C3271BBFDE7EA14DA3C797585FEC0B3A' OR group = U'C3281BBFDE7EA14DA3C797585FEC0C3P'

This constraint will limit access only to assigned group members for all tickets, except assigned to groups U'C3271BBFDE7EA14DA3C797585FEC0B3A' and U'C3281BBFDE7EA14DA3C797585FEC0C3P'

Sorry, we just call the groups 'routing groups' here.  In our environment, we only have one group that we want only members of that group to see their tickets (as well as the customers in the tickets).  So we have the view constraint for this one group defined for all data partitions that we use (except the Admin partition).

Tammy

Hi Gutis, I need to view on ca_contact table only members of my groups (@root.id), can you help me with that restriction?

Hi guys,

Like Gutis said, you can only have one view constraint. but you can add some Or and AND logic to create Master constraint

So you have public and private ticket, i guess it depend on the category of the ticket. If it was me, i would add a new attribute in my category (obj: PCAT) named : z_public. Customize the detail_pcat.htmpl and add a checkBox control for this attribute.

So in your datapartition you will do something like (category.z_public==1) OR (category.z_public==0 AND group.[group]group_list.member IN (@root.id)).

So when someone try to display, or list a ticket, if its category.z_public is checked, no validation on user group. If category.z_public isn't checked, ticket's group must be one of the user's group.

Good luck

Please note that this has not been tested. I'm confident but i would not bet my life on it

CA SDM Data partition::. call_req cr