- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-11-2015 06:58 AM
Is there a practical way to grant rights to add and remove users to/from a specific group to a particular role?
For example, can I grant permissions to the the knowledge_admin role to allow it to add and remove users to/from the "KB Editors" group, but not to any other group.
Thanks
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-23-2015 07:22 AM
So it turns out ACLs wont do it. The solution that worked was to create a service catalog item for it, and add/remove users via script in the workflow.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-11-2015 08:33 AM
Shimon,
You should be able to achieve that by adding/modifying the ACL's for 'sys_user_grmember' table which is the M2M table which holds relationship between Group and USer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-11-2015 09:21 AM
i can see a couple of ways to do this....
1) very specific write an acl that checks to verify you are in one specific group and allow edits of that group by one specific role...
2) create a user editable check box on the group form... then if this is true allow people with a group edit role the ability to modify the group roles.. so a condition of user editable is true and a role of group admin < a role you created>
actually just thought of a third and possibly better way...
3> allow edits by the group manager... write an acl that lets the manager of a group edit it's members.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎03-23-2015 07:22 AM
So it turns out ACLs wont do it. The solution that worked was to create a service catalog item for it, and add/remove users via script in the workflow.
