TiCon offers a sophisticated authorization concept. It is possible to assign rights at the role (1), directly at the user (2) or at the user using a role (3).
It is possible to set rights at the user or at the role for the following categories:
•
Element configurations
•
Folder
•
Data cards
•
Print forms
Please note: |
There is no hierarchy for the permissions, i.e. there is no role or user with a parent function. Folder permissions have a special logic and correspond to the Windows’ logic. |
•Standard = Not authorized --> The permission has to be assigned intentionally. •Permission levels for: –Admin functions, folders, element configurations, data cards, print forms: > Read > Read/Write > Locked –Functions (except for the module functions): > Activated > Locked –Module functions: > Full license > Read-only license If the authorization “Standard (Not authorized)” has been assigned, then the role does not include or the user has not the special permissions. However, the user might receive the same permission from another role.  |
|
The following table shows the effective authorization, if permissions have been defined at more than one place. All places for permissions are treated equally.
The definition of permissions can be the setting at a role, user, element configuration, data card etc.
For roles / users, there is a tooltip for the column “Effective authorization”, which shows by which role a permission has been set or revoked. As soon as the permission of a role has been set to “Locked”, this function is “Locked” – regardless of whether another role has another authorization.
|
Permissions on folders only apply to this folder, not to its subfolders. “Read” is the minimum permission required to view a subfolder. •Ex. 1: Folder "Actual state" has the permission "Locked": This means that its subfolders cannot be accessed either. Authorization must be set to standard (not authorized). •Ex. 2: Folder "Optimization 1" has the permission "Read": This means that its subfolders can be accessed and individually assigned with permissions. •Ex. 3: Folder "Optimization 2" has the permission "Read/Write": This means that its subfolders can be accessed and individually assigned with permissions. •Ex. 4: Folder "Optimization 3" has the permission "Locked", the subfolders have individual permissions. This constellation prevents saving. A corresponding warning message assists with the correction of the settings.
For setting the folder permissions you can also use the context menu.
Context menu for folder permissions If there is a conflict concerning the permissions in a subfolder, for all parent folders a warning will be displayed. |
Observe the following when setting the rights for element configurations. In general, the authorization is as described under Effective right. In the following, the behavior is described using two examples. 1. Constellation cannot be saved Element type process element = Read/Write All element configurations, the standard (Not authorized) = Read/Write MTM Standard [MTM-HRS] = Read/Write MTM Analysis [AN] = Read
2. Correctly set permissions Element type process element = Read All element configurations, the standard (Not authorized) = Read MTM Standard [MTM-HRS] = Read/Write
|
