• State Not Answered
  • +1 person also asked this people also asked this
  • Replies 0 replies
  • Subscribers 12 subscribers
  • Views 2462 views
  • Users 0 members are here
Related Discussions
Home » Discussions » Best Practices

Sites and Security

Poorna Guduri
A Score Level 1

Hello All,

I have a Site tied with my Application and the access/security has been restricted to a group which contains only one member of type Basic User.

In our environment, there are few other Group(s) (part of different applications) which has rules on them for the automatic addition of users into the Group(s) and the Rule says whenever a new user account (of type Basic User) has got created in the environment then add the user as a member to the Group(s).

These Group(s) have been used for the access/security purposes on few other Sites. As my user has got automatically added to the above mentioned Group(s), he could see the other Sites and access the respective pages of those Sites. I want to restrict him to access only my Site but not any other which I may not be able to do without emoving him from the above Group(s).

In order to remove his membership from the above Group(s), I have tried the below options:

1. Manually tried to delete the User from the above mentioned Group(s) where I have seen a notification that I would not be able to delete his membership as the user got the membership through the Rule mentioned on the Group(s)

2. Used the Smart Service - Remove Group Members - inside a process model and executed the same. The instance completed
successfully but there was no impact on the Group(s) i.e., still the user has the membership to the Group(s). I was expecting a node crash or alert notification which I have seen during the execution of point 1

3. Added a new rule on the above mentioned Group(s) and the Rule says - Add Users to the Group when the username does not equal to the username of my user. After clicking on Apply, I was expecting the execution of combination of rules i.e., the rule which was defined earlier and the rule which I have just created (as rules on Group will take the AND operator), which did not happened. There was not any impact i.e., still I could see the existence of the user in the Group(s), from which I understood that I cannot act upon the membership of the users who have already been added to the Group(s) before defining the new rule (which I have mentioned at the very start of this point) but only deletion of Rule can impact the Group(s)

I could think of only one solution at this moment:
Delete the Rules on the respective Group(s) and so all the members who have got the membership to the Group(s) will get removed and then define new combination of rules to meet the requirement.

But keeping hands on other Applications related Group(s) doesn't seem to be proper as the developer/ the site developed is/are not part of any of those Applications and also the developer might not aware of the requirement in particular to each Application.

Is there any other possible solutions that I can go for?

Thanks!!

  Discussion posts and replies are publicly visible

© 2024 Appian. All rights reserved.