SmartObject Security

The configuration of Publish and Delete rights on the SmartObject Security node is deprecated. To configure publish and delete rights for SmartObjects, use the Authorization Framework. For more information see KB002667.

The SmartObject Security node is used to define design-time authorization rules for SmartObjects and controls who may publish (create/update) SmartObject definitions. This is most often used to prevent certain users or groups from creating SmartObjects in a particular K2 environment. For example: you may want to allow only members of the Sysadmins group in you organization to publish (create/update) SmartObject definitions in your production K2 environment. Other users will not be able to publish SmartObjects in that environment.

The authorization model uses an optimistic approach. If no permissions are defined, any user can publish and delete SmartObjects. As soon as a permission is defined, only those users/groups can perform the specified operations and no other users will be able to publish SmartObjects.

Follow these steps to add permissions:

  1. Click Add from the SmartObject Security node.
  2. The Configure SmartObject Administration Permissions page opens.
  3. Click the Search drop-down and select to search for users or groups.
  4. Click the Label drop-down and select the Security Provider label you want to search on.
  5. Click the Type drop-down and select the type of search that will be performed.
  6. Type a value in the text box provided and click Search.
  7. The matching users or groups will be returned in the first view. Select a user or group and click Add.
  8. The user or group will now be listed in the second view. You can add multiple users or groups by doing a new search and clicking Add again. Click Next.
  9. Select the required rights per user or group and click Finish.
    10. Permission Level What does it allow the user to do?
    Publish
    The configuration of Publish rights on the SmartObject Security node is deprecated. To configure publish rights for SmartObjects, use the Authorization Framework. For more information see KB002667.
    Delete
    The configuration of Delete rights on the SmartObject Security node is deprecated. To configure delete rights for SmartObjects, use the Authorization Framework. For more information see KB002667.

Follow these steps to remove a user or group's permissions:

  1. Select the user or group by clicking the check box in front of the name.
  2. Click Remove.
  3. Click OK on the confirmation message. This will remove the assigned permissions to that user or group as well as remove the user or group from the list.

The Save button is used to save changes made to existing SmartObject Security Permissions. To edit permissions the check boxes can be checked or unchecked per user or group. Click Save to save the permission changes made.