7 Replies Latest reply on Feb 18, 2014 1:22 PM by Gregor

    AF Attribute security/view


      I was wondering if there was a way to set security on specific AF element attributes.  We have setup table lookup attributes to use with substitution parameters in our templates.  The confusion is happening with our end users that are seeing these attributes in the Coresight tree view as well as in AF search results in client tools.




      Ideally I would like to be able to hide attributes that are not relevant process data from the end users to avoid confusion and the inevitable calls and emails asking what they are.

        • Re: AF Attribute security/view

          Hi Scott,


          As far as I know there is no security settings available specifically for AF attribute, in order to hide some attributes you probably will need to create another element for those attributes. It is possible though to prevent users from reading the values of some attributes within the element, for instance you can set the security on the tables to prevent users from reading the values of the attributes that are using table lookup reference.  


          For the issue you are experiencing, there is a work item 98395 created for PI Coresight.

            • Re: AF Attribute security/view



              The ability to "hide" an AF attribute has been requested by other customers.  We're looking into possible ways of accomplishing this.  I'm interested in knowing what your thoughts are from a user perspective.  Security descriptor on each attribute is a tremendous amount of work and affects many things in AF so we would like to consider other methodologies.  Would you be OK with, say, a manual way for you to indicate whether an attribute should be treated differently by our clients?  This may not be desirable if you have 1,000,000 attributes that you need to sort through :-).  How would you like to do this from a user's perspective?

                • Re: AF Attribute security/view

                  Steve, I'm open to suggestion at this point.  While we won't have a million attributes to work with, I understand your concerns and the are valid.  Having a way to "hide" them on the client side is an option.  Right now Coresight is my concern.  When a user drills down the AF tree in Coresight all of the template attributes are visible and confusing people.  Not sure how it could be setup to show some attributes but not others.  In a perfect world I would envision attribute security/view options as a part of the AF Builder in Excel, I can see many challenges to something like that as well.  I guess bottom line is that I don't have any particular vision as to how this may look.  If you would like to talk at the UC this year and discuss, I'll be out Monday through Friday AM.

                    • Re: AF Attribute security/view
                      Roger Palmen

                      The approach i normally take, is as already suggested the use of sub-Elements. Use an information-rich Element for access by users, and use a sub-Element for all the technical stuff you need to make things work. But this has its drawbacks (e.g. Notification triggers cannot traverse down into the sub-Elements).


                      One other way i commonly use to partially hide the technical details is to hide those in sub-Attributes. That will cause these attributes not to be immediately visible to the end user. This is my personal preference, but not always possible to use due to the limitations some applications have in using sub-attributes. (E.g. WebParts requires some smart workarounds to get to sub-attributes).