Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

How to impose controls on delivery approval flags

Ssb_94
Level 6
Level 6

Hello Team,

We have a requirement to restrict modifications to the Delivery Approval Flags within the Delivery Properties -> Approvals tab.

Scenario:

We will be creating a delivery template with few of the Approval Flags (let's say content and Target) checked by default. When a user (assume an analyst with lesser privileges) tries to create a delivery from this template, he still have rights to uncheck these approvals while configuring, which we want to restrict them from doing so.

 

I understand we need to handle at form - container level. But wanted to check how effectively it can be done and implications of doing this. Any ideas or suggestions?

Regards,

Sri Bhargav 

1 Accepted Solution
Jonathon_wodnicki
Correct answer by
Community Advisor
Community Advisor

Hi,

 

The form is just ui for the console, an enterprising user can sidestep safeguards there in under a minute with tools like Fiddler.

Still, for virtually every scenario it should be enough. If the client wants true security you can adopt a multilayered approach:

  • Create a delivery template with desired settings
  • Apply visibleif conditions for unprivileged user groups in delivery form ui to keep them from meddling with settings
  • Check settings in control typology rule or with clever filtering typology (1=1 if delivery doesn't have the settings right)
  • Lock deliveries to typology with the rule using folder permissions

 

Thanks,

-Jon

View solution in original post

3 Replies
Jonathon_wodnicki
Correct answer by
Community Advisor
Community Advisor

Hi,

 

The form is just ui for the console, an enterprising user can sidestep safeguards there in under a minute with tools like Fiddler.

Still, for virtually every scenario it should be enough. If the client wants true security you can adopt a multilayered approach:

  • Create a delivery template with desired settings
  • Apply visibleif conditions for unprivileged user groups in delivery form ui to keep them from meddling with settings
  • Check settings in control typology rule or with clever filtering typology (1=1 if delivery doesn't have the settings right)
  • Lock deliveries to typology with the rule using folder permissions

 

Thanks,

-Jon

Sukrity_Wadhwa
Employee
Employee
Hi @Ssb_94, Were you able to try the above solution and resolve this query or do you still need more help here? Do let us know. Thanks!