Configuring the OSLCLinks package for security context
You might want to configure the Rational® ClearQuest® OSLCLinks package to be part of a ClearQuest security context system, for example, to hide links from unauthorized users.
About this task
Additional steps are required after you apply the OSLCLinks package to your schema to configure the package to work with a security context system.
See Creating a security model for more information about Rational ClearQuest security.
Procedure
- As a user with Schema Designer privileges, run the packageutil
setaccess subcommand to enable the OSLCLink record
for editing. Here is the command-line synopsis for the packageutil
setaccess subcommand:
packageutil setaccess -dbset dbset_name user_name password schema_name -record -modifiablebyothers OSLCLink
For example:
packageutil setaccess -dbset 7.0.0 admin "" ALM -record -modifiablebyothers OSLCLink
The display output might be similar to this:
--- Checked out revision 3 of schema 'ALM' +++ Set access policy for OSLCLink to -modifiablebyothers +++ Set access policy for select records, fields, and actions
- In the Rational
ClearQuest Designer,
add a new REFERENCE field to the OSLCLink record type:
- In the schema where you applied the OSLCLinks package, expand the Record Types - Stateless node and then expand the OSLCLink node.
- Right-click the Fields node and click New Field. The New Field dialog box opens.
- Type a name for the new field and set the Type to REFERENCE.
- Click Finish. The Properties tab for the new field opens.
- In the Reference Information section of the Properties tab, set the Reference To property to your security context record type.
- Select the Security Context option.
- Still using the Rational
ClearQuest Designer,
add the following
OSLC_GetSecurityFieldName
global hook to the schema:sub OSLC_GetSecurityFieldName { my $security_fieldname = ""; my ($entitydef_name) = @_; # A hash table to keep security field name of each # entitydef, using entitydef name as the key and security # field name as the value. my %security_fields_hash = ( #add entitydef and security context field pairs here #For example, "ALMTask" => "SecurityPolicy" ); if (exists $security_fields_hash{$entitydef_name}) { my $temp_security_fieldname = $security_fields_hash{$entitydef_name}; if ( $::session->GetEntityDef($entitydef_name)->IsSecurityContextField($temp_security_fieldname)) { $security_fieldname = $temp_security_fieldname; } } return $security_fieldname; }
The hook returns the security context field name of a specified record type.
- Update the %security_
fields_hash
table in theOSLC_GetSecurityFieldName
global hook to include a record type-security context field pair for every record type where you applied the OSLCLinks package.For example, if you applied the OSLCLinks package to the ALMTask and ALMRequest record types (whose security context fields are both named
SecurityPolicy
) and the REFERENCE field that you added in Step 2 is namedoslc_SecurityPolicy
, then your%security_fields_hash
table might look something like this:my %security_fields_hash = ( "OSLCLink" => "oslc_SecurityPolicy", "ALMTask" => "SecurityPolicy", "ALMRequest" => "SecurityPolicy"
- Check in the schema revision and upgrade your user database.
- To avoid changes to other parts of the OSLCLink record,
disable editing by running the packageutil setaccess subcommand
with the -modifiablebyowner option. Here again is the command-line
synopsis for the packageutil setaccess subcommand:
packageutil setaccess -dbset dbset_name user_name password schema_name -record -modifiablebyothers OSLCLink
For example:
packageutil setaccess -dbset 7.0.0 admin "" ALM -record -modifiablebyowner OSLCLink
The display output might be similar to this:
--- Checked out revision 4 of schema 'ALM' +++ Set access policy for OSLCLink to -modifiablebyowner +++ Set access policy for select records, fields, and actions