Function documentationAccess Control Management (ACM)

 

You can use access control management (ACM) to administer access authorizations granted by access control contexts (ACCs) and access control lists (ACLs).

Integration

You can also use ACM to control who has access to the documents in the CAD desktop. To do so, you must activate the integration of access control contexts in Customizing for CAD Desktop. If you use ACM in CAD desktop, users who want to edit documents in CAD desktop have to be assigned to the same context roles and have the same authorizations in the relevant contexts as users who edit documents in the PLM Web UI. For more information, see Access Control Contexts for Documents in CAD Desktop.

Prerequisites

In Customizing, you have made the settings for the Authorizations and Access Control Contexts (PLM-WUI-APP-ACC) component. For more information, see Customizing under Start of the navigation path Logistics - General Next navigation step Product Lifecycle Management (PLM) Next navigation step PLM Web User Interface Next navigation step PLM Web Applications Next navigation step PLM Authorizations and Access Control Context End of the navigation path.

Features

If you are a user with administrative roles, ACM offers you the following features:

  • You can control access to a set of objects by assigning them to access control contexts. On the access control context screens, you can create, display, change, and delete access control contexts. For more information, see Access Control Context.

  • You can administer context roles. These context roles grant users who are assigned to them access authorizations for contexts and their objects. For more information, see Administration of Context Roles.

  • You can transfer the ownership of objects from an access control context to an other context or assign objects to other contexts. For more information, see Administration of Object Transfers.

  • You can add users to user groups. These user groups help in managing authorizations in bulk when you use them with context roles. On the user group screens, you can create, display, change, and delete user groups. For more information, see User Group.

  • You can maintain exceptions to access authorizations at the level of individual objects by using access control lists. On the object screens, you can create, display, change, and delete ACLs. For more information, see Access Control List.

  • Before giving access to a selected object, the system can take authorizations granted by ACCs and ACLs into account. For more information, see Determination of Object Access.

  • You can display and analyze access authorizations of other users. For more information, see Display and Analysis of Access Authorizations for Other Users.

  • The system writes change documents when you change authorizations granted by ACCs or ACLs. For more information, see Creation of Change Documents.

  • You can archive authorizations granted by ACCs and ACLs. For more information, see Archiving of PLM Authorization Runtime Tables.

Regardless of whether you are a user with or without administrative roles, ACM can influence your work with PLM Web UI. For more information, see Impact of ACM on the Work with PLM Web UI.