TMS Issue Tracking - QA and Production

Separation of Duty

User who creates something should not be able to approve it. How to restrict Admins?

We probably one a restricted Admin (no approval right), and a new role for transportation approvers

  • Kayvan Shadpour
  • Apr 27 2021
  • Product Triage
  • Attach files
  • Astrophel Evora commented
    May 24, 2021 20:23

    The previous note referred to QA role, Admin-V2, where setting most configurations to Read did not actually limit the ability to Write.


    Created in QA, Admin-V3, where I took it a step further and changed most settings to none, but added LSP Operations, and the user still had Write access. Need to confirm if LSP Operations matches the LH Manager role created for PRD.


    In any case, also need to copy over the LH Manager role to QA so we can test the Spend Delegation activity on that user role as well.

  • Kayvan Shadpour commented
    May 19, 2021 19:23

    Worked in QA with Geno to find the right role settings to limit Admin's access to rate setting, tendering, load building/altering.
    Geno will check previous notes with another client to get leads on applicable configs.