- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-21-2023 12:40 AM
Hi
I'm doing some research regarding the roles related to DPM and Service-CRUD functionalities. I have the following behaviour which makes me a bit confuse:
What I have:
- A sys_user related to a Company with role service_author, sn_dpm.dpm_manager, snc_internal.
- The related Company is a selfmade company which is marked as vendor.
- The Demo-Data Services of the PDI.
Behaviour on my ootb PDI:
- Impersonate as the sys_user mentioned above.
- Select a Business Service (ServiceNow PDI Demo Service) in the backend. --> Editing is not possible. --> ok
- Open DPM
- Select the Enterprise Portfolio where the Service is related to
- Drill-Down into the Service
- select "Edit in service Builder" via the three dots in the right upper corner
- The service Builder opens and I'm able to edit it.
- Do not change nor save something
- Change back into the backend --> now I'm able to change the details of the service. --> could be a security issue for my purpose because the role description says that service_author can only change their owned services.
Am I wrong in my assumption or is that a correct behaviour because I gave sn_dpm.dpm_manager to the sys_user too?
Many thanks and regards, Andres
Expected behaviour:
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-21-2023 01:04 AM
I just did a bit more research and have seen, that when changing the service over DPM->ServiceDetails->"Edit in Service Builder" a new Service "Copy" is created in cmdb_ci_service_business.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-21-2023 01:04 AM
I just did a bit more research and have seen, that when changing the service over DPM->ServiceDetails->"Edit in Service Builder" a new Service "Copy" is created in cmdb_ci_service_business.