How do I make some queues visible by some users only?
2008-05-26In order to make sure that some users (e.g. supervisors) can only see their queues, you
should use QM's security model. When you protect something with a key, this
means that you protect it (physically speaking) with a lock that opens if the
user holds that key in his keyring. You know that eash user has a keyring, that
is the sum of the keys that belong to his current class plus the keys that he
individually has.
So, if you have a number of supervisors and a number of queues, you could protect each queue individually with a different key, and then give each supervisor individually the required key.
For example, you can do this:
Please note that if you have an aggregate queue, only the key protecting the aggregate queue will be ckecked, i.e. the checks on the members will NOT be performed (so you can have an aggregate queue that behaves differently in security terms from the set of its members, if you need it).
So, if you have a number of supervisors and a number of queues, you could protect each queue individually with a different key, and then give each supervisor individually the required key.
For example, you can do this:
- queueA -> key KA
- queueB -> key KB
- queueC -> no key
- queueD -> key KD
- queueE -> key KE
- supervisor Alice -> keys KA and KD
- supervisor Bob -> keys KB and KE
Please note that if you have an aggregate queue, only the key protecting the aggregate queue will be ckecked, i.e. the checks on the members will NOT be performed (so you can have an aggregate queue that behaves differently in security terms from the set of its members, if you need it).