This sample role is for access control context administrators and allows the creation and maintenance of access control contexts (ACCs), access control lists (ACLs), objects, and user groups.
Caution
This role should be used as a demo role with demo users only. A demo role must not be used in a production system in case it contains wildcards “*” (asterisks) for parameters, which might grant too many authorizations to users. After copying this role to a production system, each authorization parameter containing an asterisk must be thoroughly checked before use.
Object Type |
Activity |
Description and Comments |
Corresponding Activity in Database Table TACT |
Document |
Create |
Creating document |
01 (Create or generate) |
Change |
Changing document |
02 (Change) |
|
Changing classification |
|||
Display |
Displaying document metadata |
03 (Display) |
|
Displaying classification |
|||
Delete |
Deleting document |
06 (Delete) |
|
Reuse |
Reusing document |
22 (Enter, Include, Assign) |
|
View Original |
Displaying document |
53 (Display Application Start) |
|
Administer |
Administering document |
70 (Administer) |
|
Analyze |
Analyzing document |
71 (Analyze) |
|
Printing document |
80 (Print) |
||
Change Status |
Changing status of document |
83 (Change status) |
|
Publish |
Publishing document |
PU (Publish) |
|
Create Version |
Creating document version |
V1 (Create version) |
|
Material |
Create |
Creating material |
01 (Create or generate) |
Change |
Changing material |
02 (Change) |
|
Changing classification |
|||
Display |
Displaying material |
03 (Display) |
|
Displaying classification |
|||
Maintain ACL |
Maintaining ACLs for material |
70 (Administer) |
|
Display ACL |
Displaying ACLs for material |
70 (Administer) |
|
Delete |
Deleting ACLs |
06 (Delete) |
|
Reuse |
Reusing ACLs |
22 (Enter, Include, Assign) |
|
Analyze |
Analyzing ACLs |
71 (Analyze) |
|
Publish |
Publishing ACLs |
PU (Publish) |
|
BOM |
Create |
Creating BOM |
01 (Create or generate) |
Change |
Changing BOM |
02 (Change) |
|
Display |
Displaying BOM |
03 (Display) |
|
Delete |
Deleting BOM |
06 (Delete) |
|
Administer |
Administering BOM |
70 (Administer) |
|
Analyze |
Analyzing BOM |
71 (Analyze) |
|
Publish |
Publishing BOM |
PU (Publish) |
|
Change number |
Create |
Creating change number |
01 (Create or generate) |
Contains the right to assign classification data (class, characteristics) and to maintain characteristic values |
|||
The Create activity is only possible with an owning context |
|||
Change |
Changing change number |
02 (Change) |
|
Changing classification |
|||
Display |
Displaying change number |
03 (Display) |
|
Displaying classification |
|||
Maintain ACL |
Maintaining ACLs for change number |
70 (Administer) |
|
Delete |
Deleting change number |
06 (Delete) |
|
Reuse |
Reusing change number |
22 (Enter, Include, Assign) |
|
Analyze |
Analyzing change number |
71 (Analyze) |
|
Display ACL |
Displaying ACLs for change numbers |
70 (Administer) |
|
Publish |
Publishing change number |
PU (Publish) |
|
Access Control Context |
Create |
Creating subordinate context views |
01 (Create or generate) |
The following views are visible:
The Objects view is not visible. You can view only those objects, for which you have authorization. |
|||
Display |
Displaying context |
03 (Display) |
|
Allows only access through the object navigator |
|||
The following views are visible:
The Objects view is not visible. You can view only those objects, for which you have authorization. |
|||
The Display activity is granted to any user who is assigned through a context role to a certain context |
|||
Analyze |
Analyzing context |
71 (Analyze) |
|
Allows display access using the ACC screen for audit purposes |
|||
All the views of the ACC are visible |
|||
Change |
Changing context |
02 (Change) |
|
Allows change access through the ACC screen |
|||
All the views of the ACC screen can be changed |
|||
Delete |
Deleting context |
06 (Delete) |
|
Assign |
Transferring or assigning objects to context (requires granting of the Publish activity in the source context also) |
78 (Assign) |
|
Assembly Group |
Create |
Creating assembly group |
01 (Create or generate) |
Change |
Changing assembly group |
02 (Change) |
|
Display |
Displaying assembly group |
03 (Display) |
|
Delete |
Deleting assembly group |
06 (Delete) |
|
Administer |
Administering assembly group |
70 (Administer) |
|
Analyze |
Analyzing assembly group |
71 (Analyze) |
|
Publish |
Publishing assembly group |
PU (Publish) |
|
Assembly Header |
Create |
Creating assembly header |
01 (Create or generate) |
Change |
Changing assembly header |
02 (Change) |
|
Display |
Displaying assembly header |
03 (Display) |
|
Delete |
Deleting assembly header |
06 (Delete) |
|
Reuse |
Reusing assembly header |
22 (Enter, Include, Assign) |
|
Extended Maintenance |
Providing extended maintenance for assembly header |
36 (Extended Maintenance) |
|
Administer |
Administering assembly header |
70 (Administer) |
|
Analyze |
Analyzing assembly header |
71 (Analyze) |
|
Maintain ACL |
Maintaining ACLs for assembly header |
70 Administer |
|
Display ACL |
Displaying ACLs for assembly header |
70 (Administer) |
|
Publish |
Publishing assembly header |
PU (Publish) |
|
Assembly Item |
Create |
Creating assembly item |
01 (Create or generate) |
Change |
Changing assembly item |
02 (Change) |
|
Display |
Displaying assembly item |
03 (Display) |
|
Delete |
Deleting assembly item |
06 (Delete) |
|
Extended maintenance |
Providing extended maintenance for assembly item |
36 (Extended Maintenance) |
|
Administer |
Administering assembly item |
70 (Administer) |
|
Analyze |
Analyzing assembly item |
71 (Analyze) |
|
Publish |
Changing assembly item |
PU (Publish) |
|
Product Family |
Create |
Creating product family |
01 (Create or generate) |
Change |
Changing product family |
02 (Change) |
|
Display |
Displaying product family |
03 (Display) |
|
Maintain ACL |
Maintaining ACLs for product family |
70 (Administer) |
|
Display ACL |
Displaying ACLs for product family |
70 (Administer) |
|
Extended Maintenance |
Providing extended maintenance for product family |
36 (Extended Maintenance) |
|
Delete |
Deleting product family |
06 (Delete) |
|
Analyze |
Analyzing product family |
71 (Analyze) |
|
Product Item |
Create |
Creating product item |
01 (Create or generate) |
Change |
Changing product item |
02 (Change) |
|
Display |
Displaying product item |
03 (Display) |
|
Delete |
Deleting product item |
06 (Delete) |
|
Reuse |
Reusing product item |
22 (Enter, Include, Assign) |
|
Extended maintenance |
Providing extended maintenance for product item |
36 (Extended Maintenance) |
|
Administer |
Administering product item |
70 Administer |
|
Analyze |
Analyzing product item |
71 (Analyze) |
|
Publish |
Publishing product item |
PU (Publish) |
|
Product Item Variant |
Create |
Creating product item variant |
01 (Create or generate) |
Change |
Changing product item variant |
02 (Change) |
|
Display |
Displaying product item variant |
03 (Display) |
|
Delete |
Deleting product item variant |
06 (Delete) |
|
Extended maintenance |
Providing extended maintenance for product item variant |
36 (Extended Maintenance) |
|
Administer |
Administering product item variant |
70 (Administer) |
|
Analyze |
Analyzing product item variant |
71 (Analyze) |
|
Publish |
Publishing product item variant |
PU (Publish) |
|
Product Variant |
Create |
Creating product variant |
01 (Create or generate) |
Change |
Changing product variant |
02 (Change) |
|
Display |
Displaying product variant |
03 (Display) |
|
Delete |
Deleting product variant |
06 (Delete) |
|
Extended Maintenance |
Providing extended maintenance for product variant |
36 (Extended Maintenance) |
|
Administer |
Administering product variant |
70 (Administer) |
|
Analyze |
Analyzing product variant |
71 (Analyze) |
|
Publish |
Publishing product variant |
PU (Publish) |
|
Product View |
Create |
Creating product view |
01 (Create or generate) |
Change |
Changing product view |
02 (Change) |
|
Display |
Displaying product view |
03 (Display) |
|
Delete |
Deleting product view |
06 (Delete) |
|
Reuse |
Reusing ACLs for product view |
22 (Enter, Include, Assign) |
|
Extended Maintenance |
Providing extended maintenance for product view |
36 (Extended Maintenance) |
|
Administer |
Administering product view |
70 (Administer) |
|
Analyze |
Analyzing product view |
71 (Analyze) |
|
Publish |
Publishing product view |
PU (Publish) |
|
Engineering Record |
Change |
Changing engineering record |
02 (Change) |
Display |
Displaying engineering record |
03 (Display) |
|
Administer |
Administering engineering record |
70 (Administer) |