User bypassing Model requirement when copying Application CI
search cancel

User bypassing Model requirement when copying Application CI


Article ID: 247740


Updated On:


CA IT Asset Manager Asset Portfolio Management CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager


We currently restrict uses with Service Desk to be unable to create CIs.  But, since ITAM shares the DB we have found that users can create a CI through the ITAM copy.  However, ITAM should not allow the copy as the previous item they are copying does not have a Model defined (our CIs for Applications are created in Service Desk and do not have models) with the Model field being required to create an entry in ITAM

Is there another way to restrict users from creating Application CIs from within ITAM? 


Release : 17.3

Component : ITAM - Other / CA Service Desk Manager


- The functionality in question, where one can duplicate a CI that was created in SDM by using the ITAM copy function despite the model being missing in ITAM, is working as designed.  

- The ITAM 'COPY' functionality simply creates an asset by copying all the available attributes/links/relationships of as existing asset in ITAM. This functionality is as good as creating an asset or CI from another system  (like SDM).

- The 'Model Id' validation happens when we try to click 'Save' button on ITAM UI without providing the model since it is a required field. However, ModelId is a NULLable field on the ca_owned_resource table. This is by Design.

- Additionally, the Copy functionality has not been restricted based on IsAsset / IsCI key value of an Asset/CI.

Additional Information

The options that are available would be to restrict the given users from accessing the Copy function overall, but this may affect all Copy functionality, including those that the user should be permitted access to.  One can also consider submitting an idea to our Communities page for a future release of ITAM to consider a design change that addresses such a scenario.