Data Partitions

Contents
casm171
Contents
Data partitions are subsets of the database with restricted access to data records. Restrict access by defining a set of constraints for each data partition. Assign these data partitions to access types. The data partition assignment determines the records that the contact can access.
Create a Data Partition Constraint
HID_Data_Partition
Data partition constraints restrict the database record access for users that are assigned to the data partition.
Follow these steps:
  1. Select Security and Role Management, Data Partitions, Data Partition Constraints on the Administration tab.
    The Data Partition Constraints List page opens.
  2. Click Create New. 
    The Create New Data Partition Constraint page opens.
  3. Complete the data partition constraint fields, as appropriate.
  4. Complete the information in the tabs, as appropriate:
    • Constraint
      Specifies the criteria that controls the records in the table and can be viewed, created, updated, or deleted by a user that is assigned to the data partition. For example, you can specify that users can only update issues that are assigned to them. When a user in the data partition requests a record that does not match the condition then the record is read-only.
      Limit: 
      4000 bytes
    • SQL Translation
      Displays the constraint definition in SQL format. The condition that you entered on the Constraint tab is validated, and the underlying SQL WHERE clause is built. This translation is displayed on the SQL Translation tab for the verification.
  5. Click Save.
    The constraint is saved and added to the data partition.
Example: Create a Data Partition Constraint for CAB Assignments
You can create a data partition constraint that lets users update only change orders that are assigned to a CAB to which the logged in user belongs.
To create a data partition constraint for CAB change order user assignments, assign the following constraint values for a Change_Request controlled table in a data partition:
  • Constraint type: Pre-Update
  • Constraint specification: cab.[group]group_list.member IN (@root.id)
The logged in user can only update change orders that are assigned to a CAB to which the user belongs.
Constraint Definition
Specify the condition in Majic format (the metalanguage used to define CA SDM objects).
If the Constraint Type is View, the condition can include joins to other tables and references in the form @root.att_name to Majic attributes in the contact record for the logged-in user. Otherwise, it cannot include joins to other tables, but it can include references in the form @root.att_name to Majic attributes in the contact record for the logged-in user.
If the Constraint Type is Defaults, you may specify one or more assignment statements, separated by semicolons, which specify values to be assigned to empty fields in a new record at the time the record is stored. The syntax of each assignment statement is:
att_name=value
where att_name is the name of a Majic attribute from the record, and value can be an integer, a string enclosed in quotes, or a reference in the form @root.att_name to a Majic attribute in the contact record for the logged-in user. The way CA SDM uses default values depends on the table they affect.
For tables updated by CA SDM, such as Issues, default values are placed into the record at the time it is displayed, and are shown on the initial display of a new record. A default value can be assigned to a reference field (a Majic SREL) by coding it in the form of a persistent ID (a table name followed by a colon and an integer ID). For example, you might set a default value for category by including the following in the Defaults specification:
category='PCAT:12345'
where 'PCAT' is the target of the SREL, as shown in the Majic file, and 12345 is the ID number of the desired category. You can list persistent IDs for a table with a command of the form:
bop_odump domsrvr pcat "" sym
Data Partition Constraints Fields
Complete the following fields to add or modify the data partition constraint fields:
  • Data Partition Name
    Specifies the name of the data partition for which the constraint being defined.
  • Table Name
    Specifies the database table that is controlled by the constraint.
  • Constraint Type
    The type of constraint being defined. There are six constraint types for each table in a data partition.
    • Create
    Specifies the criteria that must be met before creating a record. When a user in the data partition attempts to create a record that does not match the create test condition, CA SDM displays the error message that is associated with the constraint and does not save the record.
    • Defaults
    Specifies one or more assignment statements, separated by semicolons, defining values to be assigned to empty fields in a new record at the time the record is stored. The syntax of each assignment statement is, where 
    att_name
     is the name of a Majic attribute from the record, and 
    value
     can be an integer, a string that is enclosed in quotes, or a reference in the form @root.
    att_name
     to a Majic attribute in the contact record for the current user:
    att_name=value
    For tables updated for tickets, default values are placed into the record at the time it is displayed and are shown on the initial display of a new record. You can assign a default value to a reference field (a Majic SREL) by coding it in the form of a persistent ID. A persistent ID is an object name followed by a colon and an integer ID. For example, you can set a default value for category by including the following in the defaults specification, where PCAT is the target of the SREL (as shown in the Majic file) and 12345 is the ID number of the desired category:
    category='PCAT:12345'
    You can list persistent IDs for an object using a command of the form:
    bop_odump domsrvr pcat "" sym
    • Delete
    Specifies the criteria that must be met to delete a record. When a user in the data partition attempts to delete a record that does not match the delete condition, CA SDM displays the error message that is associated with the constraint and does not delete the record.
    • Pre-Update
    Specifies the records in the controlled table that a user can update in the data partition. When a user in the data partition requests a record that does not match the pre-update condition, CA SDM makes the record read-only and displays the error message that is defined with the constraint.
    • Update
    Specifies the criteria that must be met when a record is saved. When a user in the data partition attempts to save a record that does not match the update condition, CA SDM displays the error message that is associated with the constraint and does not save the record.
    • View
    Specifies the records in the controlled table that a user can view in the data partition. This constraint is automatically applied to all lists selected by a user in this data partition, in addition to any selection criteria explicitly specified by the user.
    View can include joins to other tables and references in the form @root.
    att_name
     to Majic attributes in the contact record for the current or logged-in user. The valid examples are:
    requestor.organization = @root.organization requestor.organization.name = 'MIS' assignee = @root.id assignee.organization = @root.organization
    The Create, Delete, Pre-Update, and Update constraint types now support joins to other tables. They can also include references in the form @root.attribute to attributes in the contact record for the current user.
  • Record Status
    Indicates whether the constraint is active or inactive.
  • Error Message
    Specifies the message returned to the user, if the constraint criteria is not met. For example, "You can only update issues assigned to you" or, "You can only create issues for your organization" or, "You can update your contact record but cannot change the data partition."
Create a Data Partition
A data partition is a subset of a CA SDM database. Data partition controls a user access to tickets and other data records based on their content.
Follow these steps:
  1. Select Security and Role Management, Data Partitions, Data Partitions List on the Administration tab.
  2. Click Create New.
  3. Complete the fields as appropriate:
    • Data Partition
      A unique identifier for the data partition.
    • Record Status
      Record status whether the partition is active or inactive.
  4. Click Save.
  5. Click New Constraint and attach constraint definitions to the partition.
  6. Click Save.
    The data partition is saved with the data partition constraint.
View Data Partitions Controlled Tables
Controlled tables are tables to which you can restrict user access through partitioning.
You cannot add or delete controlled tables or change their object names.
Follow these steps:
  1. Select Security and Role Management, Data Partitions, Data Partitions Controlled Tables on the Administration tab.
    The Controlled Tables list appears.
  2. (Optional) Click Show Filter and complete one or more of the search fields.
  3. Select the name of the table you want to view.
    The Controlled Table Detail page appears.
Data Partition Controlled Tables Search Fields
  • Table Name
    -- The database table controlled by the constraint.
  • Object
    -- The database object related to the controlled table.
  • Description
    -- A text description of the controlled table.
  • Record Status
    -- Indicates whether the constraint is active or inactive.