Rights define tasks that the user can perform, for example viewing, modifying and approving solutions. Rights are granted to a role. You define a role and then associate that role with access rights using the Business Control Center. Refer to the Appendix A, ATG Service Access Rights for a complete list of rights. There are four types of rights.
Access Rights
These rights grant access to specific application functionality, for example, access to pages, panels, or the ability to create solutions. Access rights include printing solutions, adding or viewing comments, creating or viewing solutions, or performing specific tasks. There are two categories of access rights:
Static rights – A static access right is global. For example, a static
view comment
right allows an agent to view any comment in the knowledgebaseInstance rights – If an object has an ACL, then its access right is known as an instance right. The agent must be a member of an organizational role that has been granted the right to perform a specific operation on the object
Agents can view an ACL-based object only if that object contains an ACL whose rights match the instance rights and organization of the agent
For example, Joe is granted a “Product X Reviewer” role that includes a
view solution
right for the status ‘Needs Review’. Joe has been granted this role for the organization ‘Product X’. A solution has the ‘Product X’ owning group and happens to be in the ‘Needs Review’ status. Joe can view the solution because he has the status right (view solution in Needs Review status) associated with organization role (Product X) that matches the solution’s status (Needs Review) and owning group (Product X)
When assigning access rights to an organization, you can select from a list of pre-defined rights, known as direct access rights, or you can select an existing template role and assign all of its access rights.
Status Rights
Status rights control agent security on solutions. An agent can view a solution provided that they have been granted a view solution right for the current status of the solution. Status rights also control who can perform a given task.
For example, an agent can edit a solution that is the Content Review status only if they have been given the Allowed
to
Open
for
Edit
in
Content
Review
right. If the agent has the Allowed
to
Open
for
Edit
Solution
being
Proposed
right, the agent will be unable to edit the solution.
Login Rights
The loginWorkspace
right controls who can access the agent workspace, while the serviceAdminLogin
right controls who has access to the Service Administration client.
Administrator Rights
The svcSuperAdminRight
is a specialized right that grants an administrator the ability to perform all operations. There are a number of pre-defined administrator rights available.