Article

Related fields security model

« Go Back

Information

 
EnvironmentProduct: Rollbase Private Cloud
Version: 4.4.1.0
Question/Problem Description
Two objects that are related to each other in a 1:1 relationship.
ObjectA is permissioned such that every user has view access to case records.
ObjectB is permissioned so that only the Server API and Manager role have view permissions to the object. In addition to this, view rights to the individual fields in ObjectB are turned off.
In ObjectA a related field was created to pull in data from ObjectB.
When logging in as a non-admin user, that user cannot access ObjectB, which is correct, however, can clearly see ObjectB’s related field data in ObjectA.
Steps to Reproduce
Clarifying Information
Error Message
Defect/Enhancement Number
Cause
This is expected behavior.
Resolution
The 1:1 relationship grants fully access to ObjectB's data thought ObjectA's related field.
It is necessary to remove the view permission from ObjectA's related field as it is now using the view permission set in ObjectA. 
 
Workaround
Notes
Attachment 
Last Modified Date5/19/2017 5:52 PM
Disclaimer

The origins of the information on this site may be internal or external to Progress Software Corporation (“Progress”). Progress Software Corporation makes all reasonable efforts to verify this information. However, the information provided is for your information only. Progress Software Corporation makes no explicit or implied claims to the validity of this information.

Any sample code provided on this site is not supported under any Progress support program or service. The sample code is provided on an "AS IS" basis. Progress makes no warranties, express or implied, and disclaims all implied warranties including, without limitation, the implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample code is borne by the user. In no event shall Progress, its employees, or anyone else involved in the creation, production, or delivery of the code be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample code, even if Progress has been advised of the possibility of such damages.



Feedback
 
Was this article helpful?

   

Your feedback is appreciated.

Please tell us how we can make this article more useful.



Characters Remaining: 255