A user having only read access via OBS to a Project instance, is still able to edit some fields.

The steps to reproduce are as follows:

- Assign the user to OBS 1 and Group 1.

- Grant Project-Read access to OBS 1.

- Add an instance of the Project to the OBS 1.

- Verify that the user is not able to edit any field on the Project.

- Implement Field Level Security on one of the fields and grant edit rights to the Group 1.

- The user is now able to edit the field on the Project.

Release : 15.9.1

Component : CA PPM APPLICATION

Secure Field Level Access is implemented on some fields.

Pre 16.1.2 this is working as expected, as per the current design.

FLS (Field Level Security) takes precedence over other rights.

More information regarding the Field Security on the Modern UX can be found on the Documentation:

Secure Field Level Access

As of 16.1.2 a new feature has been implemented

Secure Field Level Access 16.1.2

A new option, “Prioritize Access Rights over Attribute Level Security,” has been introduced on the System Options page in Classic PPM. This option is not enabled by default. When you select this option, access rights will be given priority over Clarity Attribute Level Security configured on the Attributes page.