Security Setup Blank Title 61317

Yahoo Archive
1
Without the benefit of research, I don't believe there is a feature
in Process Security to control the right-click and jump utility. My
best guess is you would need to use Business Process Management to
control that feature. - Monte Tomerlin


--- In vantage@yahoogroups.com, "jwarshawer" <john@...> wrote:
>
> We are implementing Vantage 8.03.403c and I am responsible for
setting
> up security. I understand how menu security works, and I will
forge
> ahead and set this up.
>
> Given Vantage's ability to right-click and jump to another
maintenance
> screen, I wanted to get your input on how to stop a user from doing
> that. Is this what I would use Process/Method security for? If
so,
> how do you do this -- what Method do I secure.
>
> So, for example, if I want to prevent someone from going into the
part
> master screen (via the menu or right-click option), how do I do
that?
> If I suppress bo.part.update, will that impact the user when they
are
> running some other authorized process that also updates the part
master?
>
> In general, I'm confused. Any help is appreciated.
>
2
We are implementing Vantage 8.03.403c and I am responsible for setting
up security. I understand how menu security works, and I will forge
ahead and set this up.

Given Vantage's ability to right-click and jump to another maintenance
screen, I wanted to get your input on how to stop a user from doing
that. Is this what I would use Process/Method security for? If so,
how do you do this -- what Method do I secure.

So, for example, if I want to prevent someone from going into the part
master screen (via the menu or right-click option), how do I do that?
If I suppress bo.part.update, will that impact the user when they are
running some other authorized process that also updates the part master?

In general, I'm confused. Any help is appreciated.
3
Inside the client folder there is an 'res' folder, and in there is an
xml file called ContextMenu. This defines all the right-click
context menus and where they point to. So a particular menu item
might appear three or four times throughout the menu, and you might
even add it in a few other places. But the context menu points to
just one of those menu spots. If you explicitly define the
permissions at that spot in the menu, you are protected from anyone
accidentally getting into the wrong area via the right-clicks. If
you don't think of it this way, you tend to set up the permissions on
higher level parent folders and then allow all users on the lower
levels. But if you set it up like that, then anyone can get in using
the context menu.

The ContextMenu file can be daunting, so if you don't want to parse
it all out, then there is another approach. You know you want to
keep people out of the Part Master, for example. So set up
permissions explicitly for the Part Master and use that same Security
Code for every instance of Part Master throughout the menu. Then no
matter which one the context menu uses, you are safe. Then repeat
for all other right-click destinations you are worried about.

Peter Volkert
Symetrics Industries

--- In vantage@yahoogroups.com, "jwarshawer" <john@...> wrote:
>
> We are implementing Vantage 8.03.403c and I am responsible for
setting
> up security. I understand how menu security works, and I will
forge
> ahead and set this up.
>
> Given Vantage's ability to right-click and jump to another
maintenance
> screen, I wanted to get your input on how to stop a user from doing
> that. Is this what I would use Process/Method security for? If
so,
> how do you do this -- what Method do I secure.
>
> So, for example, if I want to prevent someone from going into the
part
> master screen (via the menu or right-click option), how do I do
that?
> If I suppress bo.part.update, will that impact the user when they
are
> running some other authorized process that also updates the part
master?
>
> In general, I'm confused. Any help is appreciated.
>