Video Screencast Help
Symantec Secure Login will be live on Connect starting February 25. Get the details here.

Activity Center should respect security framework in regards to saved searches

Created: 25 Jun 2012
SK's picture
7 Agree
0 Disagree
+7 7 Votes
Login to vote

As a Role which just has Read permission to the “Manage > Computers” console menu item and to an Organization Group containing computer resources can save entities within a filter folder, this indicates that the Activity Center does not fully respect the security framework because saved searches are turned into filters and placed into the “Manage > Filters > Saved Search Filters” folder which has the Hidden attribute.

A "Create Saved Searches" permission or privilege needs to be created, so that a role can then be configured to either allow a user to create saved searches
or not.

The AC should also only display saved searches created by our products as well as those created by the currently logged on user.

It would also be nice if admins coulkd also have an option to allow searches they create to be displayed by all users too.

The current workaround is to schedule the following query once modified so that it runs sometime before the “NS.Hidden Purging Maintenance.{16290a7d-3cee-451e-b4d8-96c5784f12ec}” scheduled task runs, as it is that task which triggers the deletion of items listed in the ItemToDelete table.

SELECT i.[Guid], GETDATE() FROM Item i
JOIN ItemClass ic ON i.[Guid] = ic.[Guid]
WHERE ic.ClassGuid = '4D08AA06-AAE6-404C-A9CF-ED3152D354B1' --Altiris.ActivityCenter.SavedSearchItem
AND i.CreatedBy != 'AppId CreatedBy value'