Migrating site user access to user criteria and groups

Yokohama Operational Technology Management

Release

yokohama

ft:locale

en-US

ft:publication_title

Yokohama Operational Technology Management

ft:clusterId

optm

bundleId

optm

workflow

Technology

Migrating site user access to user criteria and groups

Release version: Yokohama

Updated January 30, 2025

1 minute to read

When you upgrade to version 1.0.12 of the ISA Equipment Model, the migration from site user access to user criteria and groups begins automatically.

The following changes occur when you upgrade to version 1.0.12 of the ISA Equipment Model.

Improved site level access control to that uses user criteria to define read or write level user access to equipment model entity sites. With the additional assignment of OT viewer (cmdb_ot_viewer) or OT Editor (cmdb_ot_editor) roles, you can also have view or edit access to OT devices in the sites assigned accordingly.
When you upgrade to version 1.0.12 of ISA Equipment Model, existing site user records are migrated to an improved access control model using user criteria to preserve the same access permissions. For each site with ISA Entity Site User records, the following changes occur.
- For users with viewer access:
  - A new user criteria record is created and named Read User Criteria for <site name> Site [System Generated]
  - A new user group with all site users from this site is created and named Read Group for <site name> Site [System Generated]
  - A new record in the new Equipment Model Entity View Access table (isa_entity_m2m_user_criteria_can_view) is created with the new user criteria and user group.
- For users with editor access:
  - A new user criteria record is created and named Edit User Criteria for <site name> Site [System Generated]
  - A new user group with all site users from this site is created and named Edit Group for <site name> Site [System Generated]
  - A new record in the new Equipment Model Entity Edit Access table (isa_entity_m2m_user_criteria_can_edit) is created with the new user criteria and user group.
The Site User application menu and Site Users related list on the Equipment Model Entity record for a site is removed.
All site user (isa_entity_site_user) records are set to inactive.
The Site User – Can Read and Site User – Can Edit application menu items are added to the ServiceNow AI Platform.
The Can Read Equipment Models and Can Edit Equipment Models related lists are added to the Equipment Model Entity record for a site.