For example, imagine you have a user named 'user' who has specific access rights for TIBCO BusinessConnect, and has membership in roleA and roleB, as shown in
Table 5.
For example, suppose that userA is defined in TIBCO Administrator User Management to have the total set of access rights as follows:
If you wanted to restrict the access rights of userA so that
userA would only have access rights for
tpA instead of for all participants, you could try to assign
userA to group '
tpA'. However that would not solve the problem as
userA would still have access rights to all participants and business agreements because of the logical ORing of userA's default access rights and the access rights of group 'tpA'.
To configure userA so that it only had access rights to tpA, you would need to clear the access rights for userA under Participant Permission > ALL and under
Business Agreements Permission > ALL and then add Group Membership to group '
tpA' for
userA. This will result in
userA only having access rights to
tpA as defined by group '
tpA'.
If userA is configured with TIBCO BusinessConnect User Management so that the default access rights for Participants and Business Agreements are cleared and userA is configured to belong to group '
tpA', this would result in
userA having Read permissions for participant
tpA and the business agreement associated with
tpA. The
userA would not get
Update or
Delete permissions because
userA was only granted
Read access for
Participants and
Business Agreements in its TIBCO Administrator User Management settings.