SmartObject Security delete option deprecated in K2 Five 5.2 and Cloud Update 6

  • 16 February 2021
  • 0 replies
  • 152 views

Userlevel 5
Badge +20
 

SmartObject Security Delete and Publish option Deprecated

KB002667

PRODUCT
K2 Cloud

 

Beginning with K2 Cloud Update 6 and K2 Five (5.2), the SmartObject delete right is only available when using the Authorization Framework. In K2 Cloud  Update 7, the SmartObject publish right is deprecated and is now the Create right  in the Authorization Framework. Use this article to recreate permissions to delete and publish (create) SmartObjects if you've used this in previous releases.

 

 

 
Delete Right

In the K2 Cloud Update 6 and K2 Five 5.2 release, the Delete right in the SmartObject Security node in K2 Management is deprecated, and all Delete rights are reset on upgrade. You can recreate these rights using the Authorization Framework.

After upgrade, the Delete right is set to Allow on the Everyone role (which includes all users) on all objects as shown here.

Image

Any Delete rights that you configured using the SmartObject Security node prior to upgrade are no longer applied and the  Delete option in the SmartObject Security node is disabled as shown here. Use the disabled Delete permissions in the SmartObject Security node in K2 Management as a reference when reapplying delete permissions after you upgrade.
Image

To recreate delete rights for SmartObjects, use the Delete permission of the Authorization Framework.

This change does not affect existing SmartBox security rights set on SmartBox SmartObjects using the K2 Management > Integration > SmartBox Security node. Only the legacy SmartObject Security that you previously set using the K2 Management > Integration > SmartObject Security node is affected by this change.

Recreate Delete Rights Post Upgrade

To recreate SmartObject Delete rights after upgrade, follow these steps:

  1. Browse through your SmartObjects on which you previously configured the Delete right, and make note of the users, groups or roles to which you granted this right.
  2. On each SmartObject that you configured these rights, break inheritance and remove the Delete right from the Everyone role.
  3. Grant Delete rights to users, groups, and roles that you had previously configured on each SmartObject. K2 recommends granting these rights to groups at the category level for easier maintenance.
 
Publish Right

In the K2 Cloud Update 7, the Publish right in the SmartObject Security node in K2 Management is deprecated, and all Publish rights are reset on upgrade. You can recreate these rights using the Authorization Framework.

After upgrade, the Create right is set to Allow on the Everyone role (which includes all users) on all objects as shown here.
Image

Any Publish rights that you configured using the SmartObject Security node prior to upgrade are no longer applied and the Publish option in the SmartObject Security node is disabled as shown here. Use the disabled Publish permissions in the SmartObject Security node in K2 Management as a reference when applying Create permissions after you upgrade.
Image

To recreate Publish rights for SmartObjects, use the Create permission of the Authorization Framework.

This change does not affect existing SmartBox security rights set on SmartBox SmartObjects using the K2 Management > Integration > SmartBox Security node. Only the legacy SmartObject Security that you previously set using the K2 Management > Integration > SmartObject Security node is affected by this change.

Recreate Publish Rights Post Upgrade

To recreate SmartObject Publish rights after upgrade, follow these steps:

  1. Browse through the SmartObject Secuirty node on which you previously configured the Publish right, and make note of the users, groups or roles to which you granted this right.
  2. On the Categories node, break inheritance and remove the Everyone role.
  3. Grant Create rights to users, groups, and roles that you had previously configured in SmartObject Security node, on the Categories node. K2 recommends granting these rights to groups at the category level for easier maintenance.

 


0 replies

Be the first to reply!

Reply