Project and Portfolio Management Practitioners Forum
cancel

Field Level Security

Highlighted
Shravan Kathuri
Honored Contributor.

Field Level Security

Hi,

I want to give the field level security for one of the field as [REQ.CREATED_BY] in not submitted status.But i dont want to edit this field by [REQ.CREATED_BY] after request got submitted.I want this field to be editable by requestor only in Not Submitted, not in any other statuses.

We have updated created by token with admin user after request submittion. But in search requests page,it is showing admin user as creater for requests.

How can we resolve this problem?


Thanks
Shravan kumar.K
8 REPLIES
Niraj Prabhu
Outstanding Contributor.

Re: Field Level Security

Shravan,

I think following steps should help.

1. Have the field level security set to the token [REQ.CREATED_BY] for editing access.

2. Go the Request Status tab on Request Type and set this editable on Not Submitted status. You can make this field non-editable from all remaining statuses.

3. Also remember to this set this field as non-editable for every new status in the request type.

Let me know how this goes.

Thanks!
Niraj
Niraj P.
Shravan Kathuri
Honored Contributor.

Re: Field Level Security

Hi Niraj,

Thank you for your response. But I want to make this field editable to another person for remaining statuses.

How can we do this?

Thanks
Shravan kumar.K
Niraj Prabhu
Outstanding Contributor.

Re: Field Level Security

Shravan,

Which version of PPM are you in?

I think version before PPM 7.5 would not support this. You can check with PPM 7.5 release notes, if this is possible.

Thanks!
Niraj
Niraj P.
Shravan Kathuri
Honored Contributor.

Re: Field Level Security

Hi Niraj,

We are using PPM version 7.1 SP5. Is there any workaround for this problem?

Thanks
Shravan kumar.K
Carlos Jose Gom
Trusted Contributor.

Re: Field Level Security

We had to do something similar one time, and with PPM we didnt found the way.

The solution for us was to make a copy for created_by and after submited the request changing the owner with a trigger to the new role we wanted to can edit the request's fields.

In porlets and request we show the copy of request field created by, but for PPM the real owner is the new one we changed via trigger. In this way the creator cant modify fields anymore but the owner can.

I hope, this help you.
Niraj Prabhu
Outstanding Contributor.

Re: Field Level Security

I think scripting would be the only solution suggested above.

Let us know how it goes.

Thanks!
Niraj
Niraj P.
Shravan Kathuri
Honored Contributor.

Re: Field Level Security

Hi Carlos Jose Gomez,

I didn't get your point.We can update the created by token with some other value.But how can we search the requests in search page.Can you explain in depth.

Thanks
Shravan kumar.k
Carlos Jose Gom
Trusted Contributor.

Re: Field Level Security

The copy of created_by is the field we see as visible in the request. All the elements that involves that request type(porlets, reports, searches), are customized to take that copy as the "real" created_by field, you can filter always by that field, maintaing the real one hidden only for security purpose.