TDM: Grant user permission to view random rows
search cancel

TDM: Grant user permission to view random rows

book

Article ID: 275022

calendar_today

Updated On:

Products

CA Test Data Manager (Data Finder / Grid Tools)

Issue/Introduction

I'm creating a new role in my TDM portal for the review of PII audits. As part of this, I would like the user who is reviewing the audits to be allow to view random data rows however when they try this we get the below error

Users have the below permission in the TDM portal

 

Environment

Release : 4.10 or newer

Cause

The user should have access to the Connection profile while doing PII Scan. 

Resolution

The TDMWeb logs shows ,  the USER is not able to get access to the connection profile.  When PII scan is performed, we use the environment linked to connection profile.

 

2023-10-16 14:48:05.081 GMT [DEBUG] [https-openssl-nio-8443-exec-4] --- [U:][M:][P:]                              c.c.t.s.SecurityUtil:  Username: <user>. Integrator Username: 'integrator'.
2023-10-16 14:48:05.083 GMT [DEBUG] [https-openssl-nio-8443-exec-4] --- [U:<user>][M:GET][<DRIVE>:/api/v1/profiler/jobs/XXX/tables/83041/rows]                       c.c.t.p.c.ResultsController:  RequestID: 208, Module: Profiler_Service, GET start /v1/profiler/jobs/XXX/tables/83041/rows
2023-10-16 14:48:05.099 GMT [WARN ] [https-openssl-nio-8443-exec-4] --- [U:<user>][M:GET][<DRIVE>:/api/v1/profiler/jobs/XXX/tables/83041/rows]                   c.c.t.c.d.c.MssqlProfileBuilder:  Adding to connection string parameter [;trustServerCertificate=true], new connection string: [jdbc:sqlserver://DBserverhost01;database=<DBNAME>;integratedSecurity=true;trustServerCertificate=true]
2023-10-16 14:48:05.099 GMT [DEBUG] [https-openssl-nio-8443-exec-4] --- [U:<user>][M:GET][<DRIVE>:/api/v1/profiler/jobs/XXX/tables/83041/rows]                   c.c.t.c.d.c.MssqlProfileBuilder:  Final connection string: [jdbc:sqlserver://DBserverhost01;database=<DBNAME>;integratedSecurity=true;trustServerCertificate=true]
2023-10-16 14:48:05.101 GMT [DEBUG] [https-openssl-nio-8443-exec-4] --- [U:<user>][M:GET][<DRIVE>:/api/v1/profiler/jobs/XXX/tables/83041/rows]                       c.c.t.c.s.ConProfileService:  RequestID: 208, Module: CONNECTION_PROFILE_MANAGER,getGroupProfile for user 83 and profile <DBNAME>
2023-10-16 14:48:05.106 GMT [DEBUG] [https-openssl-nio-8443-exec-4] --- [U:<user>][M:GET][<DRIVE>:/api/v1/profiler/jobs/XXX/tables/83041/rows]              c.c.t.c.e.h.GlobalExceptionConvertor:  HTTP Error - FORBIDDEN: not_authorized

 

You can give user access to the connection profile as shown below. 

Powered by Wolken Software