Home Analyst Portal

Trouble with restricting access

David_MuzzattiDavid_Muzzatti Customer IT Monkey ✭
in Analyst Portal

I need some assistance in restricting queues – I thought I had this working in my test environment, but I have run into issues with the restrictions being applied on our live system. I have tried redoing the user roles, but it appears the system will either allow full access to all the tickets or no access to any regardless of the queue they are in. is there any guidance or something I might have to do in order to allow this to work?

I have seen the user roles article and made the custom roles as suggested already.

Answers

  • Geoff_RossGeoff_Ross Cireson Consultant O.G.

    Hi David,

    Do you have an End User Role targeting all users giving access to all queues?

    Geoff

  • David_MuzzattiDavid_Muzzatti Customer IT Monkey ✭
    https://community.cireson.com/discussion/comment/25629#Comment_25629

    Hi Geoff,

    End users have no access to any queues but they are an advanced operator role if that makes an impact

  • Geoff_RossGeoff_Ross Cireson Consultant O.G.

    Hi David,

    Really not sure how they are getting access to tickets if they are not granted access to any queues. Sorry.

    Geoff

  • David_MuzzattiDavid_Muzzatti Customer IT Monkey ✭

    I redid all users roll access since I am desperate to find a resolution to this - what I found was that old tickets would be accessable but new ones that were less than a few hours old were not. I got the Cireson Cache builder restarted but it didnt make an inpact - is there somthing else I could try?

  • john_doylejohn_doyle Cireson Support Ninja IT Monkey ✭✭✭✭
    edited November 21

    The Cireson portal does not control access to the tickets*. The fact that the tickets are accessible only some time after creation does suggest that the users are indeed scoped to queues and are being granted access to the tickets because they are members of a queue which match the criteria.

    If you run this query against the ServiceManagement db, it may help isolate the issue.

    select ServiceManager.dbo.fn_GetLocalizedText(urm.UserRoleId,'enu') [Role Name]
    
from CI$User u
    
join Scoping_User su on u.Id = su.UserId
    
join Scoping_UserRoleMap urm on urm.MapId = su.UserRoleMapId
    
join Scoping_WorkItem sw on sw.UserRoleMapId = urm.MapId
    
join WorkItem wi on wi.Id = sw.WorkItemId
    
where u.username = 'warnerb' and wi.WorkItemId = 'SR1120'

    Set the username and workitemid to appropriate values and this query should list the roles that this user is a member of. One of these roles is giving the user access to that work item.

    If that query returns no result, then the user is a member of a role which has access to all queues.

    Note * The portal does have a TeamGroupFilter setting which if true will limit access to work items through the portal for users who are not members of the AD group assigned to the Portal Analysts group.

Sign In or Register to comment.