You could potentially use multitenancy to accomplish this. You would essentially create another company with a support group that corresponds to group YYY and add the users to that group. You would then add the new company to their list of Access Restrictions on the People form and make sure that people that shouldn't see those tickets don't have Unrestricted Access selected on their profile. In that case, access to tickets in that group would be limited to people that have the new company added to their access restrictions (or that have a role on that specific ticket), and it would not be possible for other people to report on that data unless they go to the database directly, because it would not be returned in search results.
That's a high-level view of it (sorry if it doesn't make sense), but suffice it to say for now that I think you could probably accomplish what you need using OOB multitenancy functionality. It may not be as elegant and seamless as what you were trying to accomplish here, but should still be doable. Lyle From: Action Request System discussion list(ARSList) [mailto:arsl...@arslist.org] On Behalf Of Sugavanam K K Sent: Thursday, February 26, 2009 4:12 PM To: arslist@ARSLIST.ORG Subject: Data level Security ** Following is the Requirement which I received form my client, I need some help to put this into place: We have a group YYY which will be using Incident Management system to create tickets and tickets created by them should not be seen by the any other users of the system. Following is what i did I created a new Group called YYY and assigned members to it, also I created a "Opt cat" for them to use. If any user does a search on the incident form I have an active link to check if the user is of YYY group and the ticket has the "Opt Cat" value, if yes, I throw a message saying "you are not authorized to view this ticket" and hide all fields on the incident form. But, here is the problem, user was able to create report on this ticket using he in built reporting button on tne menu and view the details of the ticket. Please let me know is there any I can disable Reporting option only on this instance. Other Way - I did try to close the Incident form when they hit these tickets but system is giving a message asking if is it ok close the window with out saving the ticket, If I say Yes no issues and Incident form is closed, when I say no form is not closed and user still able to generate a report to see the information on the ticket. Please sugesst me some soulution to do this. -Sugan __Platinum Sponsor: RMI Solutions ARSlist: "Where the Answers Are" html___ NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org Platinum Sponsor: RMI Solutions ARSlist: "Where the Answers Are"
