Users can delete and create Custom Fields without the required privilege in Empower - WKB10664
Article number: 10664
SYMPTOMS
- User able to delete and create Custom Fields, even though the user type does not have the "Delete Custom Field" and "Create Custom Field" privilege
ENVIRONMENT
- Empower 3 Feature Release 3
CAUSE
- "Alter Any Project" as a privilege is selected
- PCS 46581 ( See Link below)
FIX or WORKAROUND
For more granular control of project privileges, assign them on an individual basis, rather than assigning the Alter Any Project privilege.
ADDITIONAL INFORMATION
Alter Any Project user privilege is modify all project properties (name, quota, access, custom fields, and so on) for a project.
The Alter Any Project privilege is an umbrella or supervisory privilege for projects. It overrides the lack of any of these privileges:
- Change Project Parent
- Change Project Owner
- Change Project Quota
- Alter Custom Fields
- Lock Custom Field
- Create Custom Field
- Unlock Custom Field
- Delete Custom Field
- Alter Project Type
- Lock Project
- Unlock Project
Related PCS
PCS 51624 : Alter Any Project privilege required to lock or unlock projects
PCS 46581 : Users can create custom fields without required privilege
id10664, EMP2LIC, EMP2OPT, EMP2SW, EMP3GC, EMP3LIC, EMP3OPT, EMP3SW, EMPGC, EMPGPC, EMPLIC, EMPOWER2, EMPOWER3, EMPSW, SUP