Restrict Access to specific Tabs on Project Layout

Article Id: 128429
Status: Published
Updated On: 03-06-2020 07:51
Products:
Clarity PPM On Premise
Issue/Introduction:

Tabs are visible even for users not added under 'Access to this tab'.
This prevents the Project layouts to be different between different business units.

Steps To Reproduce:

1. Add a tab to the Project Default Layout portlet
2. Make sure the user (Test User) does not have access to the tab under 'Access to this tab'
3. Log out and then log in as Test User  
4. Open a Project.

Actual Result: Test User see the tab created
Expected Result: The tab should not be visible, as the user doesn't have access to it.

 

Cause:

This issue was raised as a Defect: DE42792
 

Environment:

CA PPM 14.x
CA PPM 15.x

Resolution:

SE (Sustaining Engineering) determined this as not a being a bug and working as per its design.
 

Additional Information:

This is Not a Bug. Below are details
 
In C:\ca\clarity\trunk\npt\src\META-INF\npt\xbl\pages\addTabRightsFromParent.xbl line 48 mentions "If its a tab for an object instance type then reset the entry policy to be that of the parent frame" which means the tab security is parent driven. 
Even in out of the box tab "Dashboard" Setting gear appear. 
 
But the content displayed in this tab will be right driven, so user can configure tab with limited access to project only if a user has project navigation and view rights.
 
This is by design and confirmed with architect as well that this is not a security concern.