Steps to create an asset notes read only configuration for a specific set of user roles.

Document ID : KB000009942
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

This document describes best practices for setting up a configuration for read only asset notes, and for allowing asset note creation. 

Background:

There are two types of security configurations in CA Asset Portfolio Management:  

-          -  Global configurations apply to all users and are the least restrictive  (ie, you would ALLOW Notes access at this level).  

-          -  Local configurations (across all families or for a specific asset family) that either allow or restrict access 

 

If you wish to have some user roles edit Notes and other user roles only read the Notes, then allow Note access at the global level, and create a local configuration that sets Notes to Read Only. Then assign the local configuration to the user role(s) where you want to restrict access. 

Environment:
CA Asset Portfolio Management 12.9 and 14.1, any patch level
Instructions:

The ability to add Asset Notes is controlled on the configuration page(s), in the left tree view, under ‘Notes’.  In the screenshot below, any user governed by this configuration, has the ability to add or modify asset notes.   The pencil icon displays next to Notes, indicating that edit notes is available. 

NoteConfig1.png 

If the screen appears as below, then Asset Notes are read only:  (pencil icon displays with the readonly symbol in red)

 NoteConfig2.png

There are two kinds of security configurations in CA Asset Portfolio Management.

--         1.  Global configurations apply to all users and are the least restrictive  (ie, ALLOW Note access at this level).  

-            2.  Local configurations (across all families) that restrict access.  (ie, RESTRICT Note access at this level). 

If you wish to allow some user roles edit Notes capability, and provide other user roles with read only access to Notes, then allow Note access at the global level, and create a local configuration that sets Notes to Read Only. Then assign the local configuration to the user role(s) where you want to restrict access.

For example: 

1.  First, create a local configuration (or modify an existing local configuration for this user role), and restrict Note access (set to read only).

NoteConfig3.png

2.  Next, assign this local configuration to the user role(s).

 

Find the user role: Administration -> User/Role Management and bring up the details for the user role: 

 NoteConfig4.png

Select ‘Role configuration’, then select New and assign the local configuration (Asset Notes Read Only) to the user role(s) and save: 

NoteConfig5.png

Now all users will have authority to add asset notes, except the users in the Test User role that are now governed by the Asset Notes Read Only configuration. 

Note that local configurations applied to a user role override the global configuration settings; however, be sure that the global configurations are the least restrictive configuration applied.