Who's On?

	Membership:
	Latest: DW
	Past 24 Hours: 0
	Prev. 24 Hours: 1
	Overall: 5246

	People Online:
	Visitors: 350
	Members: 0
	Total: 350

Name	Points
Greg Moeller	4184
David Williams	3349
JonA	3291
Kat V	2984
Woozy	1973
Jimmy Chiu	1883
Kwane McNeal	1437
Ragu Raghavan	1375
Roger French	1315
mark.cook	1244

Landmark security class

5 Replies

2 Subscribed to this topic

32 Subscribed to this forum

Sort:

Author

Messages

Jay2

Veteran Member Send Private Message

Posts: 84

12/5/2016 3:47 PM

We have noticed some changes have happened in the security class InbasketUser_ST which has caused issues with users having access to certain businessclasses. The two that have come to our attention so far are as follows: Previous rules:

PfiWorkunitFolder BusinessClass is accessible for all creates, all inquiries unconditionally PfiWorkunit BusinessClass is accessible for all creates, all inquiries unconditionally Changed to:

PfiWorkunitFolder BusinessClass is accessible for all creates, all inquiries when (actor = AttachBy or (PfiWorkunit.PfiQueueTaskRel exists and PfiWorkunit.PfiQueueTaskRel.ActorHasInbasketAccess)) PfiWorkunit BusinessClass is accessible for all inquiries when (actor = Actor or (PfiQueueTaskRel exists and PfiQueueTaskRel.ActorHasInbasketAccess)) I am trying to understand how these new conditions work .

Woozy

Veteran Member Send Private Message

Posts: 709

12/5/2016 4:05 PM

Hi Jay2, What this appears to be saying is: - Users have Inquire and Create access to PfiWorkunitFolder but only if they "own" the PfiWorkUnitFolder (actor = AttachBy; i.e. they are the actor that created it) OR if they are assigned a task relating to that WorkUnit (PfiWorkunit.PfiQueueTaskRel exists) and have Inbasket Access to that task (PfiWorkunit.PfiQueueTaskRel.ActorHasInbasketAccess). - Users have Inquire-only access to PfiWorkUnit if they created the PfiWorkUnit (actor = Actor; current actor is the Actor who created the PfiWorkunit) OR if they are assigned a task relating to that WorkUnit and have Inbasket Access to that task. I hope this helps. Kelly

Woozy

Veteran Member Send Private Message

Posts: 709

12/5/2016 4:13 PM

By the way, I don't seem to have PfiQueueTaskRel.ActorHasInbasketAccess on my system, so I can't tell you what it means. You must be on a later version of apps than I am. Sorry! If you have someone in your organization that has Application Configuration access to Config Console, they should be able to look up the logic for that field.

Jay2

Veteran Member Send Private Message

Posts: 84

12/5/2016 6:11 PM

Thanks Woozy That is very helpful and more than the Infor analyst could give me. I will work from there. I just need to find a way to verify this information. I think what it is going to come down to is to revert the rules back to the orignals.

Woozy

Veteran Member Send Private Message

Posts: 709

12/5/2016 6:28 PM

I hope you are able to figure it out. For what it's worth, since this is a *_ST security class (meaning it is a standard delivered class), I'm guessing you can't modify it. You'll probably have to clone it, modify the clone, and then change the security role to use the cloned security class instead of the original. I imagine you already know this, but just in case someone else wanders across this post. Good Luck! Kelly

Jay2

Veteran Member Send Private Message

Posts: 84

1/27/2017 7:04 PM

I just found out that this has been fixed in a later version. I am running 10.0.1.39