Clarity

  • Private Community

  • 1.  Resource - View permission

    Posted Apr 06, 2018 09:25 AM

    Hello,
    I really like the 'Staff'/Resource Management view in the new UX, but it created a problem to solve in our access right configuration: every user could see every other users ALLOCATIONS.

     

    Our requirements:

    a) every user is allowed to 'create a new project'
    b) every user (as project manager) needs to select any user in dropdown lists (e.g. project/business sponsor) -> as therefore all users have the global right 'Resource - View - All'

    c every user (as project manager) should staff the project team and soft book their allocations to this specific project -> therefore all users have global right 'Resource - Softbook - All'


    Important requirement and current issue:

    d) every user should only see allocations for (a) their resources (they are resource manager of) and (b) the projects they have access rights to.
    Currently, all users see all resources and ALL of their allocations (of course they cannot click into project details, but they see the project name and the allocation)

     

    Is there a way to reconfigure the access rights so that ALLOCATIONS are only visible if users have access rights for the respective investment/project?

     

    Even after reading the Access Rights Reference Guide back and forth, I could not think of a solution...
    https://support.ca.com/cadocs/0/CA%20Clarity%20PPM%2014%202%2000%20%20On%20Premise%20-ENU/Bookshelf_Files/PDF/CAClarityPPM_AccessRights_Reference_Guide_ENU.pdf

     

    There was an issue with resource access rights in the knowledge base but that dates back to 13.3 and should be fixed:

    https://comm.support.ca.com/kb/clarity-the-resource-soft-book-all-and-resource-view-book-all-access-rights-grants-view-access-to-all-users-on-the-system/kb000048326#/

     

    1) Does anybody know how to avoid this?
    2) Are there any other 'best practices' to fulfil the requirements?

    BR David



  • 2.  Re: Resource - View permission

    Broadcom Employee
    Posted Apr 06, 2018 12:45 PM

    David,

     

    It seems to me, it might be possible to limit visibility of allocations based on the user's status as project manager.  However, I think it would have to be done with custom NSQL queries, custom pages, custom portlets, and customized menu options.  I'm concerned that this might entail a lot more work than you may want to go into for something that, on first glance, seems like it should be pretty simple.

     

    At any case, I don't think you can do this using the stock objects as data providers.

     

    Ralph Godwin



  • 3.  Re: Resource - View permission
    Best Answer

    Posted Apr 09, 2018 03:36 AM

    Yeah the "view allocations" right is part of the "view resource" right, so nothing you can do here.

     

    I think that the idea is that you don't give "project managers" the "view all resources"/"softbook" rights on people-resources only on role-resources, that way the PM can staff their project (with the generic roles) and then the "resource manager" (who does have the view/book rights on the people-resources) can replace the role with a person.

    Obviously this means you organisation needs to work in that way, which they might not (quite understandably) want to ; there is a compromise somewhere then.



  • 4.  Re: Resource - View permission

    Posted Apr 09, 2018 03:05 PM

    Thanks for the replies, seems like there is no nimble solution to that.

    In the classic interface there might be a chance to replace the 'investment name' with 'investment type' for investments that a user does not have view rights to, but in the new UX there is no configuration possible...



  • 5.  Re: Resource - View permission

    Posted Apr 10, 2018 03:48 AM

    (just to be clear, ny comments above were related to the "classic" UI, no idea if this differs in the new UI, but I would suspect not)