Clarity Service Management

Expand all | Collapse all

Read Only access with only log comment update activity

  • 1.  Read Only access with only log comment update activity

    Posted 04-27-2018 02:02 PM

    We have created read only access type. And now we need to give access to the same users to update only log comments. They should not change anything on the incident or change order or request.

     

    Is it possible?

     

    Thanks,

    Pramila



  • 2.  Re: Read Only access with only log comment update activity

    Posted 04-27-2018 05:05 PM

    Pramila, I don't think this is possible. The function group for the alg(activity log, the object you will create if log comment) is call_mgr, the same function group for cr/in/pr. So without modify right for call_mgr, you can't log comment. Thanks _Chi



  • 3.  Re: Read Only access with only log comment update activity

    Posted 04-28-2018 01:32 PM

    This is actually possible. You would need to create a new functional access and then use a modify statement to have the alg factory use the new functional access.

     

    I can share an example when at the office.  



  • 4.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 09:58 AM

    Grant, I am not sure changing the alg function access is a good idea, though technically it is possible. Doing this would need a lot other changes as well, potentially hitting something unexpectedly. Thanks _Chi



  • 5.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 10:12 AM

    Hi Chi,

     

    I can't think of anything else that would need to be changed, would you mind explaining?  The list/detail forms check the functional access tied to the object, so they wouldn't need to be updated.



  • 6.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 10:23 AM

    Grant, for example, roles have cr/in/pr modify/view would need to change as well otherwise those analysts won't be able to update tickets as SDM assumes when some role's cr/in/pr has modify function access  that role should have the same access to alg but once you change alg function access to my_call_mgr, it is not the case anymore.  Besides, potentially, the base code could have this assumption as well("access to alg is the same as access to cr/in/pr"). Thanks _Chi



  • 7.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 10:32 AM

    Thanks Chi,

     

    I understand where you're coming from, but also want to point out that the Functional Access detail page has an edit in list for this very reason.   If we shouldn't be messing with functional access them maybe it shouldn't be configurable in the admin menu? 



  • 8.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 10:43 AM

    Grant, this is a very helpful discussion. I think edit in list is there for change the access level only not the code. In fact, I wouldn't change the code for those system/operation objects if the web page allowed me to. Thanks _Chi



  • 9.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 10:57 AM

    I respect your caution..  We have a slightly different point of view as there's a whole team dedicated to developing features for our CA ITSM solution..  So if we have a valid business case that requires a simple customization to the tool we'll customize the tool, document, and send it through a full QA pass.

     

    But I can see why it doesn't make sense for not everyone to follow this approach.



  • 10.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 12:33 PM

    Chi_Chen and Grant Bruneau Thank you so much for your valuable discussion. Please let me know if it can be fixed with ETA or can I update the same with my management.

     

    Thanks,

    Pramila



  • 11.  Re: Read Only access with only log comment update activity

    Posted 04-30-2018 12:38 PM

    Hi PramilaJanarthanan,

     

    There isn't anything to "fix".  The customization I was suggesting isn't supported/recommended by CA.  You can post an idea to the requesting the ability to split apart the call_mgr/activity log functional access.   I would love to see more control around functional access, in my opinion each object should have it's own configurable access.