I don't know if anyone is still listening but I could not figure out the following:
As your partition user, go to the Deliveries folder in your partition and create a new Delivery.
Solved! Go to Solution.
Views
Replies
Total Likes
Your partition user only sees the Delivery templates folder in the partition because we have restricted their view to folders within that partition.
However, when that user goes to create a new delivery, he/she can browse (using the folder icon next to the Delivery template input field) to Delivery templates in the global, shared Resources\Delivery templates folder, based on membership in the Delivery operators group.
So even though we are restricting the view, the contents of any folders that the user has rights on are still available. If that user were to create a workflow, the Query would have access to any Recipients left in the global, shared Profiles and Targets > Recipients folder, even though that folder is not in their view.
There are several ways of preventing them from having this access:
These last two approaches are beyond the scope of this particular class, which is more to familiarize the student with the security model, but more details of these alternate solutions should probably be part of an advanced training or the subject of a Tech note in the wiki.
Views
Replies
Total Likes
Your partition user only sees the Delivery templates folder in the partition because we have restricted their view to folders within that partition.
However, when that user goes to create a new delivery, he/she can browse (using the folder icon next to the Delivery template input field) to Delivery templates in the global, shared Resources\Delivery templates folder, based on membership in the Delivery operators group.
So even though we are restricting the view, the contents of any folders that the user has rights on are still available. If that user were to create a workflow, the Query would have access to any Recipients left in the global, shared Profiles and Targets > Recipients folder, even though that folder is not in their view.
There are several ways of preventing them from having this access:
These last two approaches are beyond the scope of this particular class, which is more to familiarize the student with the security model, but more details of these alternate solutions should probably be part of an advanced training or the subject of a Tech note in the wiki.
Views
Replies
Total Likes
Views
Likes
Replies