How to remove "Add CI Relationship" button based on permissions?

UKRCmadams
Giga Contributor

Hi there,

We currently have a situation where users with the service_editor role are able to modify CI relationships on the CMDB. I have locked this down using create and write ACLs on the cmdb_rel_ci table.

While this does work, the "Add CI Relationship" button is still visible on the form, which takes users to the relationship manager screen. The only way you can tell it didn't work, is because the changes are not saved.

Ideally, I want to get rid of this button if you do not have the rights to use it. I saw a thread (albeit posted 13 years ago) stating that modifying the ACL should be enough, but it doesn't seem to be now.

Any ideas?

find_real_file.png

 

find_real_file.png

1 ACCEPTED SOLUTION

VivekSattanatha
Mega Sage
Mega Sage

Hi,

 

ACL is enough! we still control it by ACL. If they have at least table-level write access also then that button would be visible. For testing give the ACL a higher role

 

Regards,

Vivek

View solution in original post

5 REPLIES 5

Maybe an option is OOB ACL you can give the higher role. Then within your app you can follow directly some roles instead of the following ACL.

By the way Two years before I got an opportunity to see the DCM demo it's a promising tool to manage the data. Hopefully, it helps the customer to have CSDM compliant.

Regards,

Vivek