Provide Explicit Deny in OO Central

Jorge Cruz · ‎2019-11-11

Hello,

Brief Description: In today's RBAC model, users are provided permissions depending on their RBAC Role and what that role has access to. It would be helpful to provide explicit deny of users permissions.

Benefits/Value: This will allow the admin to filter permissions of the user and go as far as restricting access to specific resources / configurations / etc...

Thanks

daniel_crisan · ‎2019-11-28

Hi @Jorge Cruz ,

Cannot this be achieved by removing the user from that role? Having permissions and entitlements on user level can over complicate the system and decrease its performance. That's why the RBAC model was chosen.

Regards,

Daniel

RyanSedivy

@daniel_crisan : Removing a user from the role will not resolve the problem. RBAC is managed at a group level, so all members of the group will be impacted by the role change. Without an explicit 'DENY' we cannot restrict to individual user level.

Provide Explicit Deny in OO Central

Idea ID 2707545

Provide Explicit Deny in OO Central

Operations Orchestration Trial

Control with powershell exit or returncode

PowerShell Script operation: remove script output

OO 10.x family compatibility with "OO Virtualization Content"

Oracle DB: Seperate LOB Column to a sperate tablespace

Pause Flow OO Task with Wakeupscheduler

OO Multi-instance Execution Mechanism Changed after 10.X version

Add category support to API

REST API oAuth2.0