Problem Note 43035: A user ID with only View permission can edit an incident
 |  |  |  |  |
In SAS® Enterprise GRC, both role permissions and your assigned location determine what tasks you can perform. It is common for user IDs to have different roles based on location.
If you have the following application configuration setting:
monitor.incidentComponentSecurity.ignored=true
For example, you might have the following role permissions and locations that are assigned to you:
Role Name Location ======================== ===================== View Incident Credit Card Division View and Update Incident Bank Branch 1
In the example above, you are incorrectly able to update incidents in the Credit Card Division even though your role permission is view-only for that location. Updates occur because you have Update permissions on Bank Branch 1, and your configuration setting is set to true, as noted above.
Click the Hot Fix tab in this note to access the hot fix for this issue.
Operating System and Release Information
| Product Family | Product | System | Product Release | SAS Release | ||
| Reported | Fixed* | Reported | Fixed* | |||
| SAS System | SAS Enterprise GRC | Microsoft® Windows® for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 |
| Microsoft Windows Server 2003 Datacenter Edition | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows Server 2003 Enterprise Edition | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows Server 2003 Standard Edition | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows Server 2003 for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows Server 2008 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows Server 2008 for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Microsoft Windows XP Professional | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Enterprise 32 bit | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Enterprise x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Home Premium 32 bit | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Home Premium x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Professional 32 bit | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Professional x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Ultimate 32 bit | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows 7 Ultimate x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows Vista | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Windows Vista for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| 64-bit Enabled AIX | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| 64-bit Enabled Solaris | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| HP-UX IPF | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Linux for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
| Solaris for x64 | 4.2 | 5.1 | 9.2 TS2M3 | 9.3 TS1M0 | ||
A fix for this issue for SAS Enterprise GRC 4.2 is available at:
http://ftp.sas.com/techsup/download/hotfix/HF2/D41.html#43035| Type: | Problem Note |
| Priority: | high |
| Date Modified: | 2011-05-24 12:29:03 |
| Date Created: | 2011-04-21 15:52:50 |