This article applies to BoKS Manager 7.0.0.

Description

The BoKS web GUI, FoxT Control Center (FCC), uses a bccasd function to determine which operations the user might be allowed to execute. In some cases, when the function was asked whether the user may read any object and the applicable rule permits reading only some objects (for instance, those whose name matches a certain pattern), it returned a false negative. This caused FCC to hide or disable functions that should have been visible and enabled.

Note that this is a usability issue, not a security issue. If the user is allowed to attempt an operation, the real Attribute Based Access Control (ABAC) check at execution time will be correctly evaluated.

Resolution / Workaround

Apply hotfix HFBM-0095, available for download from the HelpSystems Community Portal.

This hotfix includes corrected ABAC code in which the problem has been fixed. It also adds two new operators for the "match" expressions in ABAC rules, "in~" and "in?", which allow pattern matching in lists (analogous to "=~" and "=?") and improve the expressive power of the syntax.



Last Modified On: May 25, 2018