We are using Policy Management from GRC. When the Policy gets approved, the KB article is published and attached to the Policy Record. The policy can be restricted and only visible to the specific people tagged in the Policy records, e.g. Policy Approvers and Owners and some additional user fields (custom). While ACL may work for hiding policies from the global portal view however, it can't be hidden from the scripted REST APIs.
Our requirement is as follows:
1. When the restricted policy is published and KB article is created we need to use the User Criteria that can handle the visibility based on the Policy Record meta data.
2. I am not able to use current in the User criteria and therefore I can't use current.source_id field that is mapped to Policy Record
3. I also do not want to create number of user criterias based on individual policies / KBs
How do we achieve this using User Criteria ?
What alternative we have to achieve this? Here's the visual diagram of what we want to achieve.
#knowledge #usercriteria
