What are Roles & Role Profiles - Intergraph Smart Completions - Intergraph Smart Completions Update 17 - Help - Hexagon

Intergraph Smart Completions Help (5.3.17)

Language
English
Product
Intergraph Smart Completions
Search by Category
Help
Smart Completions Version
5.3.17

Roles, Role Profiles and Rights can be configured within the system. While Smart Completions offers a full suite of roles (and their rights-assignments) against managers, projects can configure their own, specific roles. If you need to configure roles and rights, that you open a Service Request through Smart Support to discuss what you need to create. The role profiles and role configurations are database wide. For this reason, only trusted administrators should be granted access to roles, User Application and Resources.

When defining the Roles, Role Profiles and Rights, the following definitions apply:

  • System User = a person or resource

  • Role = a function which defines access to specific managers

  • Rights = permissions granted to perform a specific action within a specific manager, by a specific role.

  • Role Profile = a group of roles defining the ‘authority/access’ levels

Although it’s easy to confuse role profiles and rights / permissions sets with roles, both control two very different things. Roles primarily control a user’s record-level access permissions against various managers.

Designating a Role or Role Profile as "Admin" will protect that profile and the rights associated with it. Any user with a role that includes "Manage" rights can assign roles to themselves and other users. If a Role Profile is designated as "Admin," then it is only available to certain administrative users. In this way, you can allow some users to create and assign roles, but limit their capability for high level administrative rights. For instance, one of these users cannot use the Role Profile or Roles manager to grant him/herself additional rights. Only users with these admin roles assigned to them will be able to see these check marked roles in the manager.

Responsible Companies: This feature is for each user to facilitate the working of the same Company. So user with selected companies in the drop down Responsible Companies will restrict the user to work on the records with matching responsible company field for whichever manager the responsible company is enabled.

Responsible Companies

The enhancements to the rights boundaries are applied using two methods:

  1. Limiting of content that a user can see would be done by using workgroup and responsible company associations. This is done both at the user edit form, and user application module, by module/application. By selecting YES to Use Workgroup or Use Responsible Company for any application (SC module). This will automatically filter content for the user when the user has the same workgroup and company as the content (e.g. punch records).  The user will be able to see only the items that have the same workgroup and company mapping. 

    Right Boundaries-1

    You will only see what they can edit. 

    • The system admin will go into vUserApplications, filter for desired module, select Workflow settings and select either (or both) responsible company and workgroup. This will set the requirement that content to be shown to the user will consider the users assigned workgroup and company.

    • The system admin will assign respective users a workgroup and company.

  2. The Rights Boundaries as defined for a user (optional), will further restrict the content a user will see, and able to edit, based on Areas, Systems, and Stages.

    Right Boudaries- 2

    When ever your positions and responsibilities or rights boundaries are modified, you need to restart your application by logging out and then logging in back. This will ensure your modified access is assigned properly and you can view the application with the newly modified access.