- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-25-2022 07:22 AM
Hi there,
We currently have a situation where users with the service_editor role are able to modify CI relationships on the CMDB. I have locked this down using create and write ACLs on the cmdb_rel_ci table.
While this does work, the "Add CI Relationship" button is still visible on the form, which takes users to the relationship manager screen. The only way you can tell it didn't work, is because the changes are not saved.
Ideally, I want to get rid of this button if you do not have the rights to use it. I saw a thread (albeit posted 13 years ago) stating that modifying the ACL should be enough, but it doesn't seem to be now.
Any ideas?
Solved! Go to Solution.
- Labels:
-
Data Foundations
-
Data Health Tools

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-25-2022 07:46 AM
Hi,
ACL is enough! we still control it by ACL. If they have at least table-level write access also then that button would be visible. For testing give the ACL a higher role
Regards,
Vivek

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-28-2022 08:55 AM
Maybe an option is OOB ACL you can give the higher role. Then within your app you can follow directly some roles instead of the following ACL.
By the way Two years before I got an opportunity to see the DCM demo it's a promising tool to manage the data. Hopefully, it helps the customer to have CSDM compliant.
Regards,
Vivek