We have some reservable spaces with system geography and system organization settings. A non-Admin user also has the same geography settings. There are security groups for reservations, and organizations and geography security groups are assigned to him. The geo and org security groups have the same geo and org as the space and profile. But the non-Admin user still isn’t able to see spaces.
He is only able to see them when the first level of the org hierarchy is provided in the group (i.e. \Organization). But as soon as the second level is given in the group, he isn’t able to see them. Can anyone help me on this? I think there is some issue in the org, but I don’t know exactly where it is.
[Admin: To see other related posts, use the Geography tag or Organizations tag.]
I have a few questions from our customer about TRIRIGA reports:
- Question 1: We want to create a report to show the triProperty which has more than one triBuilding as children. By using an association filter, we can only show the triProperty which has at least one triBuilding. By using a summary report, we can group by triProperty to show the number of triBuilding it has, but we can’t add another criterion based on the “Number” column. So, both two solutions above don’t work.
- Question 2: How can we do something like a “left join” in a multiple-BO report? We have noticed that the behavior of multiple BOs in a report acts more like an “inner join” query. The filter based on the secondary BO will also impact the primary BO result. Do you know any way to get a “left join” result in TRIRIGA?
- Question 3: How can we share a list of reports with users who are members of a specified security group? Our customer doesn’t want to grant the access of the “My Report” application for those groups, and they would like a solution that is more dynamic than adding those reports into the portal of the user. I don’t know if there is way to do this. Can the Admin user define a favorite list for the end users?
[Admin: To see other related posts, use the Reports tag or My Reports tag.]
I have an issue where it is not possible for non-Admin users to trigger the Create state transition through our OSLC interface. Instead, we get the following error:
2017-06-27 13:08:10.301 UTC ERROR [com.tririga.platform.integration.oslc.OslcRequestDispatcherImpl](Default Executor-thread-34280) Failed to read message: null
2017-06-27 13:08:10.301 UTC ERROR [com.tririga.platform.integration.oslc.OslcRequestDispatcherImpl](Default Executor-thread-34280) Exception in OSLC call: com.tririga.platform.integration.oslc.OslcException. message=java.lang.ClassCastException: com.tririga.platform.metadata.domain.BoStateTransitionId incompatible with com.tririga.platform.metadata.domain.gui.GuiStateTransitionMetadata
The fact that I am able to create and associate the record using an Admin user says to me that this is related to permissions, but I’ve made sure that the user has full security access for both the BO/form it is trying to create, the BO/form that it is attaching it to, and all other BOs/forms that are associated to it, and it still gives me the error above.
When I open the created record that my Admin user created, it looks to be correct. But when I open the one that the non-Admin user tried to create, it shows an empty record. None of the fields are saved in a null state, which of course is because it didn’t get created, the Create state transition was not triggered. Any idea of what is causing this issue? And how to resolve it?
[Admin: To see other related posts, use the OSLC tag.]
We have some capital projects created, and they are viewable only when logged in as an Admin-level person. But as non-Admins, we are unable to view the projects. If we login as a non-Admin and click on the magnifying glass, a query comes where no projects are shown in searching for it. It’s no use whether I select company-level or project-level. Any clues on access? Or how a non-Admin can see the projects?
Were the non-Admin user groups added to the Security tab of the project?
[Admin: This post is related to the 02.13.17 post about project context and security. To see other related posts, use the Admin Group tag.]
Sometimes, a user that supposedly has licenses for a form or portal is not able to see the form or portal. So how do you determine if some license is missing, or if the licenses you have are enough? This question often comes up when users start reporting that they cannot access portions of the application and call in to complain.
The best way to check it is to login as an Admin user, and follow these instructions:
- Go to Tools > Administration > License Manager.
- Click on the “Matrix View”.
- Use the browser’s “find” function to look for the form or business object.
- The necessary licenses are marked with a check (or R for read-only).
[Admin: The same article is also posted in the IBM Support Portal as a technote. This post is related to the 02.08.16 post about finding information on TRIRIGA licenses. To see other related posts, use the License tag.]
A user is unable to create a document and gets the following error “User does not have permissions to create a document”. How do you resolve this error?
The proper security access has not been granted to the Document object. Login as an Admin user. Go to the Security Manager. Select the Document object. In the right-hand panel, look at the access level. Make sure that “Read, Update and Create” is selected.
[Admin: This post is related to the 05.10.17 post about the 3.5.2 Security Manager. To see other related posts, use the Security Manager tag.]
We are running TRIRIGA 188.8.131.52 platform and TRIRIGA 10.5 application. We have a requirement from our customer, for Sarbanes-Oxley (SOX) compliance reasons, that we need to change the “System” user password in TRIRIGA. We have done this in the past. However, the old option now appears to have become read-only, so we can’t do it the same way. Any ideas how we can update this password now?
Here are some things that might be preventing you from updating the password:
- 1. The logged-in user does not have security access to update the password, or a workflow has triggered on the record that has modified the metadata, and made the password fields or its section non-editable.
- 2. The record is in a state that only supports read-only actions. This makes the record non-editable.
- If you are logged in as Admin and cannot modify the password, I’d confirm that the System user is still part of the Admin group.
- If you are trying to change the System password as another user that is not an Admin, I would put that user in the Admin group temporarily to see if this gets past your issue.
- If you can confirm that a user in the Admin group cannot modify the record, I would look at workflows that are changing the metadata and the record state.
- If you cannot access the account as the System user, you can temporarily clear the System password to blank (null), so that you can login as Admin and reset the password. For example, via an update SQL script:
- update user_credentials set password = null where user_account = ‘system’.
[Admin: This post is related to the 04.18.16 post about resetting a user’s password as an administrator. To see other related posts, use the Password tag.]