does anyone know which "Profile / Role" user allows changing the validity of lots/products when using MIGO tcode?
How can I denied specific users from doing it without the user-exit?
best regards
SOLVED. I have created a specific role and whoever has that role I use user-exit exit_sapmm07m_001 that display (e) message. Thanks, everyone
Related
I use the Clockify API to sync objects to and from our other databases.
I try to update the user image from our LDAP user repo; works fine on my own account, but when I try to update the image for someone else I get a 403.
That leads me to the conclusion that everything under /users is only available for the current user (even if the current user is admin of the workspace). If so, can that be clarified in the documentation?
https://clockify.github.io/clockify_api_docs/#tag-User
Is there a way to update user settings/profile for someone else?
That's right. By design, you can't edit other people's User Settings.
This is because the person in your workspace might have other workspaces (be it their own or someone else's). You're only someone's admin in your particular workspace, and they're free to have other workspaces beside yours.
Looks like you are right, I can't GET users/{userId} except for my own user ID. Attempting to get it for other user IDs, even those users on my team and I'm the owner/admin, gives the 403 Forbidden.
I would recommend reaching out to support#clockify.me, they may be able to fix it - or at least they can be made aware of the issue. I've had success in contacting them and they respond relatively quickly.
I have looked at many posts on this issue, but for me all the proposed solutions didnt work. I am trying to access a database with a remote user, so I am setting the connection credentials as needed. I get the error as shown in the subject of this post. I have checked all the permissions, things like that, windows/sql authentication, etc. Any quick ideas of another potential problem?
Presuming the user has the permission, and you have entered the password correctly as you say, then another thing to look at would be to ensure the user is authorized to access the database remotely.
I'm newbie to OpenLDAP. I have done a bit of research on the above topic and so far couldn't find a satisfactory answer. I would appreciate if anyone can show me how to enable/disable/remove a user account in OpenLDAP.
admin changing user's password is not a good idea. it has several side effects:
it will cause a login failure.
it's not easy to re-enable user
I like the solution to add a ACL of userPassword attribute, see the solution here: acl control userPassword
it's clean and effective.
Disable: using the password-policy overlay, set pwdAccountLockedTime.
Enable: clear or remove the above attribute.
Remove: remove the entry for the user from the DIT.
The simplest way for an admin to disable an account is to change the password.
the account could be easily re-activated by giving the user the password and ask the user to change.
Is it because of portability? I think that it'd be better if they did, permission and group management would be safer in my opinion.
What I generally saw and did was to create a user account in the DBMS for the system, store that user name and password in a configuration file and accessed the database through it. The authentication module/plugin [always!] works independently the DBMS's user table.
Is there a reason for it?
Am I doing it wrong? :/
If I understand your question correctly, the reason is that if the plugin did that, then the user would be able to get access to your table using the user credentials, which is gigantic potential security hole. You want to give the user access to your app, not to the system running the app.
I have started work on JasperServer community edition for my client.
The problem I face is
After creating a new role eg
"TEST_ROLE"
Creating a new user "LADY_GAGA" and
assigning the user role as
"TEST_ROLE"
I am getting an error that states
"You do not have permission to view
this page.
Please contact your system
administrator or log in as a user with
permission."
Please help. I have also assigned the role "TEST_ROLE" its properties such as read, write, delete, access. Am I doing something wrong while assigning or creating a role. You help would be greatly appreciated.
Thank you
Figured this one out !
Every user must be assigned a minimal role of "ROLE_USER" and then any other role created and defined by you.
I had the same problem, in http://www.jaspersoft.com/how-set-role-based-jasperserver-home-pages no explain assigned ROLE_USER .
That means that the management of permissions for the TEST_ROL are immune to ROL_USER, which means you can not have a personal ROLE
First of all set No Access permission to the ROLE_USER for all the folders and sub folders.
Now ROLE_USER is a role with no permission at all, but keep in mind that ROLE_USER should be assign to all users (new and old) for login purpose.
Create NEW_USER with NEW_ROLE but ROLE_USER also should be assigned to NEW_USER.
Give permission to NEW_ROLE as per your requirement. It will surely work.
However you will have to give Execute Only permission on all your data sources and input data types for NEW_ROLE to avoid Access is denied error. Please check and let me know.