How to hide Custom notifications and specific Delivery channels cards (Next Experience / Workspace)

kack l
Tera Expert

Family / UI: YOKOHAMA屏幕截图 2025-10-01 141402.png (Next Experience)
Page: User Preferences → Notifications
Constraint: We are not allowed to modify UI Builder in this environment.

Business requirement

  • Non-admin users must not see or access the Custom notifications section/tab (including the Create notification button). Only admins can use it.

  • Additionally, on the Delivery channels tab we want to hide the cards for Next Experience and Workspace from non-admin users (admins can see and manage them).

What we tried

  1. Destination-level restriction
    For both Next Experience and Workspace we configured Notification Destination Type as:

    • Deliver To = Roles

    • Destination Table = Role [sys_user_role]

    • Destination Id = admin
      This correctly limits who can use these channels in advanced preferences, but the cards still appear for non-admin users on the Delivery channels tab.

  2. Verified the channel providers/plugins are installed and active (e.g., Notification Provider for Next Experience).
    Toggling provider/channel/destination did not remove the Custom notifications section, nor did it hide the Next Experience / Workspace cards for non-admins.

  3. We know UI Builder visibility rules (e.g., userHasRole('admin')) or fully deactivating plugins would work, but we’re looking for an OOB configuration/permission approach first (no UI changes).

Questions

  1. Is there any OOB property or configuration to hide the “Custom notifications” section/tab (and Create notification) from non-admin users without changing UI Builder?

  2. For the Delivery channels tab, is there an OOB way to hide the Next Experience and Workspace cards by role?
    Or is destination-level restriction (card still visible but unusable) the intended behavior?

  3. If UI hiding isn’t available OOB, what’s the recommended ACL hardening to effectively disable these features for end users?

    • For Custom notifications, which tables should be protected (read/create/update/delete) so non-admins can’t list or create anything?
      Our current understanding: notification definitions end up in sysevent_email_action (aka sys_notification), user subscriptions in sys_notif_subscription, and resolved messages in cmn_notif_message.
      Is there an official table list specifically for Custom notifications?

    • For Next Experience / Workspace channels, are there additional tables (e.g., channel/property/provider records) that should be ACL-restricted to prevent non-admins from using them even if the cards remain visible?

Any official docs or best-practice guidance would be greatly appreciated. Screenshots available if helpful. Thanks!

0 REPLIES 0