KBI 310797 New Feature: How To Determine AT Object Security GSO
Version
Argent Advanced Technology 3.1A-1401-A and later
Date
Thursday, 9 Jan 2014
Summary
Argent AT 3.1A-1401-A implements full features of product security covering both individual objects and object folders
The Argent AT object security can be either explicitly or implicitly defined
The product default security is assumed if the security is not defined anywhere
Technical Background
Customers can define object and folder security explicitly by invoking the ‘Security‘ in context menu, which brings up the typical object security definition dialog box
Customers can either use pre-defined GSO policies or define access rights for explicit groups or users
The Global Security Objects are defined in product security screen
These objects are shared among all Argent AT products
They can be thought of as a security macro that can be reused throughout Argent AT products
The Argent AT security algorithm is quite sophisticated though the basic idea is simple:
- If security is explicitly defined, use it. If not, check the parent folder
- If folder security is explicitly defined, use it
- If folder security is not explicitly defined, check whether its name matches one of the Global Security Objects (GSO). If any is matched, use the GSO security
- If folder security is not defined either explicitly or implicitly, check its immediate parent folder until the tree root
- If security is not defined anywhere, use the product default security
Following flow chart explains the algorithm:
Resolution
Upgrade to Argent Advanced Technology 3.1A-1401-A or later