Access control and authorization

You can divide a Dimensions CM product into areas and define roles and responsibilities for each area.

Every operation is controlled by a privilege. Each privilege has a set of rules which grant the user permission to carry out the operation. Rules are flexible and enable administrators to control what each user can do based on the state of objects, the groups to which the user belongs, and the roles that the user holds.

To add more control, administrators can use additional process rules. For example, a user may have the Relate Item to Request privilege but cannot check out files against a change request if the request is in the closed phase of its lifecycle.

A role identifies users with similar responsibilities, for example, Developer or Reviewer. Roles are used in lifecycles to grant permissions to action objects. Roles are assigned to users according to the object’s place in the design structure and the user’s responsibilities.

Roles and privileges can also be used to control access depending on which design part an asset belongs to. For example, some source code may be owned by a design part called GUI, and privileges are configured so that only users with the Developer role for that design part can edit the code. If a user has the Developer role for a different part, for example Database, they can edit code owned by Database but not GUI.

For details about privileges, roles, and design parts, see Set up the process model.

Back to top

See also: