Show TOC

Function documentationAuthorizations in Portfolio Management

 

Access control lists (ACLs) in Portfolio Management are used to define authorizations at object level. The following objects in Portfolio Management use ACLs:

  • Portfolio

  • Bucket

  • Item

  • Initiative

  • Review

  • Collections

  • Decision Points

Features

The following activities are supported on the above business objects:

  • None: The user to which this activity is assigned has no authorization for the business object.

  • Read: The user to which this activity is assigned has authorization to read the data of the specified business object.

  • Write: The user to which this activity is assigned has read authorization and also has authorization to change the data of the specified business object.

  • Create: The user to which this activity is assigned can create objects under that business object.

  • Admin: The user to which this activity is assigned has write authorization. He or she also has authorization to assign ACLs to other users for the business object, and can perform the additional activities specific to the following business objects:

    • Portfolio: Create/delete and administrate all business objects below the portfolio.

    • Bucket: Create/delete and administrate items, reviews and collections assigned to the specific bucket. Reassign items to other buckets for which the user also has administrative access.

  • Owner: The user to which this activity is assigned is identified as the business owner or responsible person of the specified business object. This activity is a purely informative activity and provides no specific authorizations for the business object.

    The owner activity is not available for initiatives.

For more information, see Authorization Inheritance.