We have table Transfer Order:
This is the view from admin User.
This is the view of the user to whom I need to give read , write, create and delete access, but the two fields 'To Stockroom' and 'From Stockroom' are not visible to this user.
I have created ACLs like:
how I can make these two fields accessible to some user?
Please help me.
In order to find the specific ACL that is failing the user's request for access, you can simply enable the Debug Security module. Then impersonate the user, visit the record, and scroll down the page. You'll eventually come to a line like this:
This red X indicates that a condition of the ACL was not met. Clicking the ACL (In this case, record/alm_asset.model/write) will take you to the specific security rule. Hovering over the red X will tell you what portion of the ACL was not met; the condition, the script, or the role requirement. That is what you must remedy either in the ACL, or by granting the user the necessary permissions.
I suspect in your case, that the user is able to see the record they're viewing, but does not have access to view the record or table referenced in the reference field. However, only the ACL/security debugger can tell you for sure.
To stop debugging, just click the "stop debugging" module in the app navigator, or log out of ServiceNow.
Related
If I have already connected to database, and can not see the tablenames, functions, or procedures ...does it mean that I have been granted only Connect By session privilege?
When I use column names #database links it gives me an error that does not describe in details that do I have Select privilage or not. But when I write my function and want to compile it it gives you have not been granted a privilege to create a function.
I cannot see in navBar any buttons of related database that my user has been created in. I tried to do smth from Preferences, then relaunched SQL Developer although the result is the same. Just pure empty colons on the left side of my navbar
I'm setting up a new share that I've enabled enumerated access on. I'm looking to limit people access to files on a certain folder. I've setup other folders that restrict access unless your in a security group. This folder thats giving me trouble was copied over from another network share. When I create a folder from scratch everything works fine so I'm curious if thats whats giving me issues.
The folder I'm trying to access is
x:/Limerock/Projects/"Project Name"
If I go into the security tab and check my effective access it says that I have full control:
The user I'm signed into is joe.jankowiak which is part of the Domain Admins security group. Domain Admins owns all the folders in above this and has full control.
When trying to enter the folder it tells me I need to request permission. I'm an admin so it goes through and adds "joe.jankowiak" to the full control list in the security permissions.
Why is it not taking my domain admin credentials to enter this folder? I'm seeing other weird behavior such as it saying "Unable to display current owner." and "You must have read permissions to view the properties of this object". Clicking continue lets me see it.
Everything looks right, I've setup 6 other new folders in the exact same manner and they work fine. I've signed in and out many times but it hasn't fixed it. Weird enough, another computer I signed into lets me access the folder just fine. Is there a way to reload file permissions since logging in/out doesn't seem to do it. Is there a command like gpupdate that I should run?
I have seen this before andyou might need to do the following operations in order:
-Replace Ownership on the folder and replace all child object ownership too=>apply or OK
-Close the security properties and re-open it again
-Add Domain Admins as full control and Replace all child object permissions... =>apply/OK
That should do it
I'm trying to find a list of users for a specific project (by projectKey) who possess the issueadmin permission. I've found a documented API that gets me pretty close:
api/permissions/search_project_permissions
but the response that I get back only has summary information: counts of groups/users for each permission type.
search_project_permissions response
Does anybody know if there's a way to get to the login details for the users?
There is an "internal" web service (meaning it could change without notice!) that does this. You'll use it like so:
http://myserver.myco.com/api/permissions/users?projectId=[project guid]&permission=issueadmin
In Web API interface use the "Show Internal API" checkbox at the top of the left column to see it.
just noticed in Sonarqube v6.7 it works as follows:
https://sonarqube.dhl.com/api/permissions/users?projectKey=<KEY>
https://sonarqube.dhl.com/api/permissions/users?projectKey=<KEY>&permission=issueadmin
https://sonarqube.dhl.com/api/permissions/users?projectKey=<KEY>&permission=issueadmin&permission=scan
All possible permissions are (reg. Browse, See Source Code, Administer Issues, Administer and Execute Analysis):
admin
codeviewer
issueadmin
scan
user
NOTE: I am note DB Admin and I am not that much in sql server security
I am using MS SQL SERVER 2008R2
What I want to do is to give a user a minimal permissions or just what he required
I have a local user in my windows and I add this user in the logins of the database after that I went to this user in my specific database and try to change his set of permissions but the section is coming empty
why it is coming empty?
and how to do this, I mean giving him the permissions that he just need nothing more?
Please I want to do this from the user interface without T-sql
EDIT
I Just want to give the user read, write, execute nothing more
and also I need to know more about how to control users permissions in more details
A. Set up Read/Write
Go to Security/Logins and find your login, double click it
Go to user mapping, and click on the database that you have access to
In the bottom pane under 'Database Role Membership', tick db_datareader and db_datawriter
This gives the user Login SELECT, INSERT, UPDATE, DELETE
B. Revoke DELETE and grant EXECUTE
Create a role that does this:
Go to your database / Security / Roles
Right click, New / Database Role
Give the role a name, I will use executor for this example and press OK
I don't know how to do the next steps in SSMS, You'll need to do it in T-SQL:
Start a new query in your database
Type this and press F5:
GRANT EXECUTE TO executor;
DENY DELETE TO executor;
Now repeat A3 but select your newly created role, 'executor'
Every new user (or group) that you create needs to be a member of these three roles. The best practice is to add a windows group to SQL Server once, and add users to that windows group.
Lastly test this - I don't know for sure that it works.
With regards to the database user securables:
You have to explicitly populate this list to see what it contains. It doesn't populate automatically. Press Search and search for some objects (i.e. all objects belonging to the schema dbo). Now you have a list of objects in the top. Click on an object and click the 'Effecttive' tab on the bottom. This is the users effective (final) permissions for this object. If you want to override this at the object level you can assign something on the explicit tab
Had similar problem after our MSSQL Server was restored on a new server and wanted to set explicit permissions for a user in a DB.
Not sure how to make it default (as it appears to have been previously), but basically just hit the search button in the Securables tab you show to search for "All objects of the types..." and choose the Databases object and click ok / search. You should now see securables for that specific database and can set explicit permissions as well as view existing "effective" permissions.
I was playing around with hwi, I got it started.Now I can see the different schemas which are present. But I don't know how to query them. I tried to check hive wiki (https://cwiki.apache.org/confluence/display/Hive/HiveWebInterface) but they dont seem to have much information put over there. There seems to be a Running a query section in Walk through but it says image not found.
Anybody who has used HWI to query please suggest a way to use it.
Try these steps :
Open HWI : http://localhost:9999/hwi/index.jsp
Click on Authorize in the left pane. This will open the Change User Info section. Enter the username and hit submit to complete the authorization process. Upon successful authorization you'll see Authorization is complete at the top of your page.
Now click on Create Session, enter some session name and hit Submit.
Once you submit the session name you'll get the Manage Session screen. This is the place where all the action will take place. Come down to the Session Details section and enter a file name, say /Users/tariq/res.txt, in the Result File box. This is the file where the result of your query will get stored. If you expect your result to be very huge you can just enter /dev/null over there. Remember the result file is local to the web server. Similarly enter the error file if you wish.
Now come down to the Query box and write the query you want to execute.
Come down further to the Start Query drop down list, click on it and elect YES and hit Submit.
You should be able to see the file /Users/tariq/res.txt by now containing the result of your query. You can also view the result by clicking on View File option which will appear next to the Result File box upon the successful completion of your query.
HTH
Take a look at Hue - http://cloudera.github.io/hue/
This project is bundled with the Cloudera installation and seems to work rather well.
Best,
Sukrit