Transition security rules

Transitions have three types of security: privilege security, attribute security, and branch security. All are used to determine whether a transition is allowed. You decide which types of security to set on each transition.

Privilege security

Privilege security allows the transition when the user has the required privilege. For example, if the entered2review transition requires the verifier privilege and the user sam has the verifier privilege, sam can perform the transition.

Attribute security

Attribute security allows the transition when the value of the specified attribute matches the user ID (that is, resolver="sam"). For attribute security to work, the selected attribute must contain a user ID as its value. That is, the attribute has the type CCM_USER.

Attribute security can be defined on an attribute, or on a combination of an attribute and a user's privilege.

If a privilege is specified, then both of these conditions must be met to transition the change request (CR):
  • The attribute value must be equal to the user ID.
  • The user must have the specified privilege.

For example, a rule states that only a user who submitted the CR (the value for the submitter attribute on the CR must be equal to the logged in user ID) and who has the developer privilege can transition the CR to the entered2assigned state. Therefore, if user sam submitted a CR and he has the developer privilege, he can transition the CR to the entered2assigned state.

Branch security

Branch security allows a transition only when an attribute has a specific value. For example, the request_type attribute can be set to either Defect or Enhancement. You can allow the fix_defect transition only when request_type is set to Defect, and allow the make_enhancment transition when request_type is set to Enhancement.

If a privilege is specified, then both of these conditions must be met to transition the CR:

How privilege, attribute, and branch security rules work together

If either attribute security or privilege security rules are satisfied and branch security is not set, the transition can occur.

However, if branch security is set, the transition cannot occur unless both of these prerequisites are met:
  • All branch rules must be satisfied.
  • If one or more attribute or privilege security rules are set, then at least one of them must be satisfied.

    That is, the ANDed branch security rules are ANDed with the ORed privilege and attribute security rules:

    ( (Privilege security rules) OR (Attribute security rules) ) AND (Branch Security rules)

Consider this example. You set the following rules for CRs to be transitioned to the in_review2assigned state.

Rule 1 - privilege level security

Only users with the assigner privilege can perform the in_review2assigned transition.

Rule 2 - attribute level security

Only the user who submitted the CR (the value for the submitter attribute on the CR must be equal to the logged in user ID) and who has the developer privilege can perform the in_review2assigned transition.

Rule 3 - branch level security

The in_review2assigned transition can be performed only when the reviewed_by_mgr attribute is set to TRUE. You do not assign the privilege a value.

Rule 4 - branch level security

The in_review2assigned transition can be performed only when the need_approval attribute is set to FALSE and the user has the reviewer privilege.

Scenario:

You give user sam the developer privilege, user john the assigner and reviewer privileges, and user joe the developer and reviewer privileges.

sam submits a CR and assigns it to john. So, sam is the submitter and john is the resolver. Then, you set the reviewed_by_mgr attribute to TRUE and the need_approval attribute to FALSE.

Therefore, for the transition to occur, all of the branch rules must be satisfied and at least one of the privilege or attribute rules that are specified must be satisfied:

(RULE 1 OR RULE 2) AND (RULE 3 AND RULE 4)

  • The reviewed_by_mgr attribute is set to TRUE, so all users satisfy Rule 3.
  • Although joe satisfies all of the branch security rules (Rule 3 and Rule 4), he does not satisfy any of the privilege or attribute security rules. He cannot transition the CR.
  • john can transition the CR because he satisfies Rule 1, Rule 3, and Rule 4.
  • sam satisfies Rule 2 and Rule 3, but he does not satisfy Rule 4. He cannot transition the CR because all of the branch security rules must be satisfied.

However, assume that only privilege and attribute rules are set, and branch rules are not set. In that case, the privilege security and attribute security rules are ORed, so:
  • joe cannot perform the transition because he does not satisfy any of the privilege or attribute security rules.
  • sam satisfies Rule 2, so he can transition the CR.
  • john satisfies Rule 1, so he can transition the CR.
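
The combination logic and scenario above, modeled as an added example (not product code and not part of the original documentation). The `Rule` class and the function names are hypothetical, and it assumes that a rule type with no rules set imposes no restriction.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    kind: str                        # "privilege", "attribute" or "branch"
    privilege: Optional[str] = None  # required privilege, if any
    attribute: Optional[str] = None  # CR attribute the rule inspects
    value: Optional[str] = None      # expected value (branch rules only)

def rule_ok(rule, user, privs, cr):
    """Evaluate one rule for one user against one CR."""
    if rule.kind == "privilege":
        return rule.privilege in privs
    has_priv = rule.privilege is None or rule.privilege in privs
    if rule.kind == "attribute":     # attribute must hold the user's own ID
        return cr.get(rule.attribute) == user and has_priv
    if rule.kind == "branch":        # attribute must hold a fixed value
        return cr.get(rule.attribute) == rule.value and has_priv
    raise ValueError(f"unknown rule kind: {rule.kind}")

def can_transition(rules, user, privs, cr):
    """((privilege rules) OR (attribute rules)) AND (all branch rules)."""
    branch = [r for r in rules if r.kind == "branch"]
    access = [r for r in rules if r.kind != "branch"]
    # Assumption: a rule type with no rules set imposes no restriction.
    access_ok = not access or any(rule_ok(r, user, privs, cr) for r in access)
    return access_ok and all(rule_ok(r, user, privs, cr) for r in branch)

# Constructed data mirroring the scenario above.
PRIVS = {"sam": {"developer"}, "john": {"assigner", "reviewer"},
         "joe": {"developer", "reviewer"}}
CR = {"submitter": "sam", "resolver": "john",
      "reviewed_by_mgr": "TRUE", "need_approval": "FALSE"}
RULES = [
    Rule("privilege", privilege="assigner"),                          # Rule 1
    Rule("attribute", privilege="developer", attribute="submitter"),  # Rule 2
    Rule("branch", attribute="reviewed_by_mgr", value="TRUE"),        # Rule 3
    Rule("branch", privilege="reviewer",
         attribute="need_approval", value="FALSE"),                   # Rule 4
]

def decide(rules):
    """Map each user to whether they may perform in_review2assigned."""
    return {u: can_transition(rules, u, p, CR) for u, p in PRIVS.items()}

if __name__ == "__main__":
    print("with branch rules:   ", decide(RULES))
    print("without branch rules:", decide(RULES[:2]))
```

Because privilege and attribute rules are ORed, each additional rule of those types widens who can perform the transition, while each additional branch rule narrows it.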
