Why do i have to create a new rule for customizing web and application filtering for one user?

Question

Suppose I want to give temporary access to a particular user/ip/mac in restricted access group to some websites for 2 hours. After 2 hours the website will again be blocked for that particular user. So how do i accomplish this?Currently I have to make a rule specially above the restricted group rule for that particular user then after 2 hours need to off that rule. But this is a little time consuming and sometimes we can forget about deleting that rule. Any better method out there ?

This thread was automatically locked due to age.

Michael Dunn · Accepted Answer

Rather than creating another firewall rule you can create another rule in the web policy. Though in some ways this just moves the solution, policy rules are much easier to create. 
 Go to Web, Policies. Open the policy that the users are currently hitting. 
 Add Rule near the top. Set the user to the one you want to affect and Activities to AllWebTraffic (for unrestricted) or to the specific category you want to allow. Set the status to On. 
 When they are no longer allowed, set status to Off or delete the line. 
 Although you can also set Time Constraints, you can only select reoccurring time periods and cannot create a rule that automatically turns off in two hours.

Support Chn · Answer

There is an option available in sophos to provide access to specific ip without creating new policy.This will help only if application filter is not blocking the website. 
 Go to Web-Exceptions,Add exception and enter the domains and source ip and select skip policy checks ,https decryption etc. You can disable the exception whenever required.