The role of a CA SDM user governs both access authorization and the user interface. The set of roles available to users depends on their access type. Multi-tenancy lets you control the tenant or tenant group that a user can access within the role.
The Role Detail page provides Tenant Access and Tenant Write Access drop-down lists on its Authorization tab. Tenant Access is view-only, and Tenant Write Access also allows create and update.
You can assign the following associations to roles:
Sets Tenant Write Access to be the same as the Tenant Access setting. Default for Tenant Write Access and only valid for Tenant Write Access.
Removes tenant restrictions. CA SDM allows a user in a role with this access to view any object in the database (read access) or create and update (write access) any tenanted object in the database. When users with All Tenant access create an object, CA SDM requires that they select the tenant of the new object.
Sets a role's tenant access to a named tenant. When this option is selected, a second field appears on the web UI that allows selection of a specific tenant. CA SDM restricts a user in a role with this access to view (read access) or create and update (write access) only those objects associated with the named tenant. This selection is valid for either Tenant Access or Tenant Write Access.
Sets a role's tenant access to a user-defined or system-maintained tenant group. When the Tenant Group option is selected, a second field appears on the web UI that allows selection of a specific tenant group. CA SDM restricts a user with the role to view (read access) or create and update (write access) only those objects associated with one of the tenants in the group. When a user with tenant group access creates an object, CA SDM requires that they select the tenant for the new object. This selection is valid for either Tenant Access or Tenant Write Access.
Sets a role's tenant access to the tenant of the contact using it. CA SDM restricts a user in a role with this access to view (read access) or create and update (write access) only those objects associated with their own tenant. This selection is valid for either Tenant Access or Tenant Write Access.
Sets an analyst's role access to the tenant group that the analyst works with, as specified on the analyst's contact record. If the user with the role is not an analyst, this selection has the same effect as Contact's Tenant. It is valid for either Tenant Access or Tenant Write Access.
Sets a role's tenant access to the Subtenant group of the contact using it. CA SDM restricts a user in a role with this access to view (read access) or create and update (write access) only those objects associated with their own Subtenant group. This selection is valid for either Tenant Access or Tenant Write Access.
Sets a role's tenant access to the Supertenant group of the contact using it. CA SDM restricts a user in a role with this access to view (read access) or create and update (write access) only those objects associated with their own Supertenant group. This selection is valid for either Tenant Access or Tenant Write Access.
Sets a role's tenant access to the Related Tenants Group of the contact using it. CA SDM restricts a user in a role with this access to view (read access) or create and update (write access) only those objects associated with their own Related Tenants Group. This selection is valid for either Tenant Access or Tenant Write Access.
All users can view public data, regardless of their current role's access rights. The Update Public check box controls whether a service provider user in the role has the authorization to create or update public data. Tenant users (users belonging to a tenant other than the service provider) cannot update public data, regardless of their role.
Copyright © 2012 CA. All rights reserved. | Tell Technical Publications how we can improve this information |