Configure user access - SmartPlant Foundation - IM Update 46 - Help - Hexagon

SmartPlant Foundation Web Client Help

Language
English
Product
SmartPlant Foundation
Search by Category
Help
SmartPlant Foundation / SDx Version
10

Access control configures what is exposed to each user in the feature sets and actions menus of objects, and what objects are returned from any search or relationship expansion. The user roles consist of sets of access groups that grant access to commands and relationship expansions grouped together by functional operation. The filtering of data items returned to the user is governed by security rules defining which access groups can see what data items based under different conditions.

  • Existing security rules can be modified. For example, to filter documents based on a new custom property.

  • Method, entry point, and relationship access can be removed or modified. For example, to remove a search option.

  • Access groups should not be removed from existing roles.

  • New custom access groups can be added to existing roles. For example, to expose new data structure management.

What do you want to do?

What are the rules for changing the access control?

Security rules

  • Security rules provide conditional access to data items by access group. These rules can be freely edited, for example, to change the conditional filter or the access group for the rule.

Command and relationship access

  • Method, entry point, and relationship access is granted by access groups, and these can be removed or replaced.

    • Each role has a role-specific access group to allow commands to be specifically exposed to each role.

    • A common change is to remove a method from a general access group that is on many roles and add it to one or more role-specific access groups to limit its availability.

  • The conditions used on the methods cannot be changed.

  • You can create new access groups to expose new methods, entry points, and relationships.

  • You can edit the relationship access group configuration for info map and so on.

Roles

  • Existing roles can be extended with custom access groups, but existing access groups cannot be removed.

  • New roles can be created with any mix of existing or new access groups.