Access to Service Desk objects is controlled through roles. Objects are organized into groups and roles are assigned levels of access to the groups. This document describes two methods that are available for determining the group to which an object belongs.
Objects such as incidents, logs, and menu bars are grouped into functional access areas. The Function Access tab of a role contains a list of functional access areas. The list defines the areas, and therefore, the objects, available to the role.
Figure 1 below shows the partial list of areas available to the Administrative role.
The Functional Access List under Security and Role Management in the Administration tab includes the name and description of each functional access area.
The description of each area lists some of the objects included in the group.
For example, as shown in Figure 2 below, the Administration area includes event logs, macros and options.
It is not always possible or efficient to use the description to determine the group containing a particular object. An alternative method of determining the group is to use the bop_sinfo command. To find the group for an object, follow these steps:
- From a command line, issue:
bop_sinfo -df <object_name>.
- Find the line in the output starting with: "Func Group".
The value that follows is the name of the functional access area.
For example, to determine the functional access area for the object, pri (for Priority table), issue:
bop_sinfo -df pri
The output that is displayed for this command is:
Rel Attr = enum
Common Name = sym
Func Group = reference
Display Name = Priority
Display Group =
Schema Name = Priority
DBMS Name = pri
Producers = pri
In the example above, the value of Func Group is "reference". "Reference" is a functional access area included in the out-of-the-box Functional Access List.