• State Suggested Answer
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 62 subscribers
  • Views 2654 views
  • Users 0 members are here
Options
Related

Web Interface Tab

craig mcfarlane
over 2 years ago

Chaps. 

Is there a way if I create a new tab on say the user object , that you only see said tab if you are member of a certain security group? 

Thanks in advance 

Parents
  • 0 over 2 years ago

    I have been hunting around and unless I am missing something I don't see a way of showing a tab only if you are a member of GroupABC. Hope I'm wrong. 

    On the Web Interface i have a bunch of tick boxes that i only want to be seen by members of a certain group. Is there a better way of doing this if hidden tabs is not the way to go? 

  • 0 over 2 years ago in reply to craig mcfarlane

    Web interface tab visibility can be controlled based on a person's ability to modify a certain attribute of the selected object. You could then create an Access Template that grants an AD Group the ability to modify say one of these tick boxes (Virtual Attributes perhaps?) that is an attribute of user objects.

    I'm still seeing that Internet Explorer needs to be used to edit the tab's Visibility controls. From within the Visibility section, you can select an attribute that the users must be able to modify in order to see that tab. With the Access Template link in place to the proper directory object(s) and trustee (AD group), you can then add users to the group that either allows (to view the tab) or blocks/denies (to hide the tab) the members of the group to the selected attribute.

    Have a look at this section of the web admin guide:

    Active Roles 7.4.4 - Web Interface Administration Guide (oneidentity.com)

  • 0 over 2 years ago in reply to Richard.Lambert

    Thanks maybe this is where I'm getting confused. I am using Chrome and yes the little button does not open the visibility section. Tried on IE and I can now see it.  Thanks for the link. will work through that. Appreciate the reply mate. 

  • 0 over 2 years ago in reply to Richard.Lambert

    Hi. Sorry to dig this thread up again. I am not following exactly what I need to do in order to hide a tab. Sorry if I am reading the documents wrong. First time I've done this. 

    On the New User form I have a Tab and lets call it Tab A. On TabA I have a virtual attribute lets say VirtualAttribute1. I am looking to hide TabA from any members of a security group lets say SecurityGroup1

    I am just not following exactly how I need to hide this on the visibility settings. Can anyone who has done this kind of thing explain how you achieved it?  Maybe a screenshot would help. 

    Thanks in advance 

  • 0 over 2 years ago in reply to craig mcfarlane

    Are you hiding a tab of options that SecurityGroup1 would not be able to modify anyway?  - and that's why you don't want them to see the tab? 


    If the SecurityGroups1 doesn't have permission to modify the attribute, they won't see the tab if you set the following: 

    • Connect to the website as an ARS admin,
    • navigate to your new user menu form
    • in the upper right hand corner, click 'customize'
    • on the new user form, open visibility section of the tab to be hidden,
    • then toggle the second circle, and in the second input block of that form,
    • click add - and choose VirtualAttribute1. 
    • [then save, then reload, test] 

    if this meets your need, then go to the same ARS web site on any other servers you have it running from, go into pane 1 (far left) customization, and click reload. This ensures the new rule is loaded in the live environment at each of your sites.

    That second input section 'The user is allowed to modify each of these properties of the selected object'  lets you choose visibility based on delegated rights of the person performing the operation.  If the operator don't have the permission required to modify the attribute - then they won't see the tab.

    Additionally - 

    The first input form in that section 'Properties of the selected object meet each of the these requirements'  allows you to limit visibility based on properties of the object to be affected.  We use this to hide tabs for objects based on the OU the object sits in (using 'In Folder' property), or other role. 

    hope that helps.   

Reply
  • 0 over 2 years ago in reply to craig mcfarlane

    Are you hiding a tab of options that SecurityGroup1 would not be able to modify anyway?  - and that's why you don't want them to see the tab? 


    If the SecurityGroups1 doesn't have permission to modify the attribute, they won't see the tab if you set the following: 

    • Connect to the website as an ARS admin,
    • navigate to your new user menu form
    • in the upper right hand corner, click 'customize'
    • on the new user form, open visibility section of the tab to be hidden,
    • then toggle the second circle, and in the second input block of that form,
    • click add - and choose VirtualAttribute1. 
    • [then save, then reload, test] 

    if this meets your need, then go to the same ARS web site on any other servers you have it running from, go into pane 1 (far left) customization, and click reload. This ensures the new rule is loaded in the live environment at each of your sites.

    That second input section 'The user is allowed to modify each of these properties of the selected object'  lets you choose visibility based on delegated rights of the person performing the operation.  If the operator don't have the permission required to modify the attribute - then they won't see the tab.

    Additionally - 

    The first input form in that section 'Properties of the selected object meet each of the these requirements'  allows you to limit visibility based on properties of the object to be affected.  We use this to hide tabs for objects based on the OU the object sits in (using 'In Folder' property), or other role. 

    hope that helps.   

Children
No Data