IBM Support

PM27344: While using CPS, user of type Standard (in CPS) can approve and apply a Group of CP's (of type Master)

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • While using CPS, user of type Standard (in CPS) can approve and
    apply a Group of CP's (of type Master)
    
    Steps to reproduce:
    - Configure a CPS
    - Add User A with 'CP Standard' role.
    - Login to DOORS as User A
    - Create a Group with name StandardUserGroup, of type Master.
    - Submit a CP choosing the Group - StandardUserGroup
    - Now, open CP Partner
    - Click on Tools -? Change Proposal System -? Manage Groups
    - Select the StandardUserGroup
    - Click on Review.
    - Select the state to be Approved and click on Save button.
    - Click OK to close the Review dialog.
    - Now, click on the Apply button.
    - The Group of CP is applied.
    
    Expected Behavior:
    User with Standard role in CPS should not be allowed to review
    and approve any CP (including ones in a group).
    
    Actual Behavior:
    User with Standard role is able to approve his own CP's, by
    using Group mechanism
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Standard user must not be allowed to review any CPs. The
    problem was user with standard role in CPS was allowed to
    review and approve CPs submitted under a master group.
    

Problem conclusion

  • Only the owner of the Master group can review CPs under that
    Master group. Since this is against basic rule of not
    letting the standard user approve any CP, Master Group
    status for standard user who is the owner of that Master
    group is disabled and CP Manager is given the authority to
    review CPs under Master group submitted by Standard user.
    
    Each Change Proposal present in the group is verified to see
    if the current user has a Standard role in any CPS, for
    which a Change Proposal is submitted under that group. If
    the current user has a standard role in at least one of the
    CPS (using which the CP was submitted as part of the group
    being edited), then the GroupStatus button is disabled
    
    Group type behavior for a standard user remains unchanged
    

Temporary fix

Comments

  • This happens in versions of DOORS prior to DOORS 9.3.0.6
    

APAR Information

  • APAR number

    PM27344

  • Reported component name

    TLOGIC DOORS

  • Reported component ID

    5724V61DR

  • Reported release

    920

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-11-23

  • Closed date

    2011-12-02

  • Last modified date

    2011-12-02

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TLOGIC DOORS

  • Fixed component ID

    5724V61DR

Applicable component levels

  • R920 PSN

       UP



Document information

More support for: Rational DOORS

Software version: 9.2

Reference #: PM27344

Modified date: 02 December 2011