Votes

12

Hide some resources in permissions view of User App

by: Gregory M. | over a year ago | Role Based Provisioning
Cast your vote or comment ...
return to idea list

Some resources perform functions that are not meaningful to the end user. For example, for certain roles we attach a resource solely to grant a group membership entitlement--the resource and the role are essentially the same permission, but the role is what the user requests. It would be good to have a flag to let us hide that resource from the end user, so that they only see one new permission after they request the role.

by: Gregory M. | over a year ago | Role Based Provisioning

Comments

  • This would really help out our organisation.

    by: Aaron D. | over a year ago

  • It would be nice to have this functionality in idmdash

    by: Akanshah B. | over a year ago

  • I agree and it would be a good functionality

    by: Dinakaran K. | over a year ago

  • I'm not really sure why we need to continue to vote on this.
    The vast majority of resources are ONLY there to grant an entitlement which ends up being requestable.

    Rolling out RBAC or similar to a large organisation where this is the new product and people don't know any different really confuses end users.
    A description of DO NOT REQUEST is not really acceptable to try and squeeze through the comms and change team for a production deploymemt.
    The flip side of this is what if an approval process has been incorrectly applied and a user requests and auto gets a resource? Allowing them free reign on a server or trading application?

    Is this actually a difficult task to implement?

    by: Aaron D. | over a year ago

  • We didn't want users to see any resources - or any of the system roles - at one of our customers, so we used the tips in this article to hide them:
    https://www.netiq.com/communities/cool-solutions/different-permissions-user-application/

    It is not quite as useful as a flag described in this idea, especially since you have to re-check the permissions and inherited rights filter every time you deploy the PRD, role or resource, but perhaps it can help someone until this idea is implemented?

    by: Ragnar S. | over a year ago

  • It is possible to hide role/resource/workflow at clients level, not at user level. Client Settings -> Customization

    by: Suman R. | over a year ago

  • This is an all-or-nothing flag, usefull in some scenarios, but not as flexible as the flag proposed here.
    On top of that, if I'm not mistaken, disabling all resources will still show the resources on the user profile.

    by: Stefaan V. | over a year ago