Restrict Access to specific Tabs on Project Layout


Article ID: 128429


Updated On:


Clarity PPM On Premise


Tabs are visible even for users not added under 'Access to this tab'.
This prevents the Project layouts to be different between different business units.

Steps To Reproduce:

1. Add a tab to the Project Default Layout portlet
2. Make sure the user (Test User) does not have access to the tab under 'Access to this tab'
3. Log out and then log in as Test User  
4. Open a Project.

Actual Result: Test User see the tab created
Expected Result: The tab should not be visible, as the user doesn't have access to it.



This issue was raised as a Defect: DE42792


CA PPM 14.x
CA PPM 15.x


SE (Sustaining Engineering) determined this as not a being a bug and working as per its design.

Additional Information

This is Not a Bug. Below are details
In C:\ca\clarity\trunk\npt\src\META-INF\npt\xbl\pages\addTabRightsFromParent.xbl line 48 mentions "If its a tab for an object instance type then reset the entry policy to be that of the parent frame" which means the tab security is parent driven. 
Even in out of the box tab "Dashboard" Setting gear appear. 
But the content displayed in this tab will be right driven, so user can configure tab with limited access to project only if a user has project navigation and view rights.
This is by design and confirmed with architect as well that this is not a security concern.