返回
-
标题
Users might have the ability to read, modify, delete, and create entries in the table DialogParameter -
说明
It's possible in Identity Manager, users might have the ability to read, modify, delete, and create entries in the table DialogParameter.
-
原因
This is due to Defect 468571 where the Permission Group “VI_4_ALLUSER” has access rights without any limitations. Additionally, there are other Permission Groups that also allow unrestricted access to these objects.
-
解决办法
WORKAROUND: Contact Support for a copy of the fix for Defect 468571
Status: Waiting for a fix to be included in a future version of Identity Manager. -
变更请求
468571 -
其他信息
Implementing permission checks in assemblies: Common.Customizer.dll & VI.DB.dll. Base configurations for permissions on table DialogParameter and DialogParameterSet - which do not revoke permissions by default. Changed role-based permissions on those tables, that use DialogParameterSet: AttestationCase, ShoppingCartItem, ShoppingCartPatternItem and AccProductParamCategory. This fix changes the behavior of edit/delete permissions for DialogParameter and DialogParameterSet, CanSee permissions remain unchanged due to performance reasons and as requirement for select permissions on the related tables as well before providing a good result on a Parameter Value.