Restrict Access to specific Tabs on Project Layout

book

Article ID: 128429

calendar_today

Updated On:

Products

Clarity PPM On Premise

Issue/Introduction

Tabs are visible even for users not added under 'Access to this tab'.
This prevents the Project layouts to be different between different business units.

Steps To Reproduce:

1. Add a tab to the Project Default Layout portlet
2. Make sure the user (Test User) does not have access to the tab under 'Access to this tab'
3. Log out and then log in as Test User  
4. Open a Project.

Actual Result: Test User see the tab created
Expected Result: The tab should not be visible, as the user doesn't have access to it.

 

Cause

This issue was raised as a Defect: DE42792
 

Environment

CA PPM 14.x
CA PPM 15.x

Resolution

SE (Sustaining Engineering) determined this as not a being a bug and working as per its design.
 

Additional Information

This is Not a Bug. Below are details
 
In C:\ca\clarity\trunk\npt\src\META-INF\npt\xbl\pages\addTabRightsFromParent.xbl line 48 mentions "If its a tab for an object instance type then reset the entry policy to be that of the parent frame" which means the tab security is parent driven. 
Even in out of the box tab "Dashboard" Setting gear appear. 
 
But the content displayed in this tab will be right driven, so user can configure tab with limited access to project only if a user has project navigation and view rights.
 
This is by design and confirmed with architect as well that this is not a security concern.