Determining Which Access Control to Use

Because you can control user access to information and tasks in a number of ways, this table helps you choose which method to use based on the goal of the access control.

| Access Goal | How to Implement |
| --- | --- |
| Restrict access to a user interface component (such as a menu item, link, table column, or form page row) when the UI is constructed using configurable components | Configure the appropriate dynamic UI object to restrict access based on roles, access privileges, select expressions, or the result of a JPO. For more information, see Legacy ENOVIA Web Apps Customization Guide. |
| Disable read access checking for a single user | In the user's person definition, make the person a Trusted user. |
| Grant one user's accesses for an object to another user | Have the user grant access to the other user. |
| Prevent a user from performing a particular task for all objects | Deny access in the user's person definition. For example, suppose you have a user who continually overrides the signature requirements for a business object. You could remove the override access from this person by including !override in the user's person definition. Then, even if the person is allowed this access through a policy, the access is denied. |
| Control access in different states of an object | Create groups, roles, and associations that represent a set of users with shared access requirements. Define a policy that allows the public only minimum access and then assign owner and user access as required. |
| Allow only a certain group, role, person, or association to be able to create a specific type of object | In the policy that governs the object type, edit the access for the first state as follows: deny create access for the owner and public; add a user access for the user, role, group, or association and assign create access. |
| Allow only certain users to execute a program | Define a rule for the program. Assign execute access to the user category that needs to run the program. |
| Allow all users to view a form but only some to modify it | Define a rule for the form. Assign the viewform access to the public and assign the modifyform access to the user category that needs to edit the form. |
| Hide an attribute's value from certain users | Define a rule for the attribute. Deny read access to the public and grant it to the user category that should see the value. |
| Hide an attribute from all users | Make the attribute hidden in the attribute definition. When an administrative object is hidden, users do not see any evidence of it in 3DSpace. |
| Allow certain users to create connections of a certain type | Define a rule for the relationship type. Assign create access to the user category that needs to create the relationship, ensuring that they also have toconnect and fromconnect in the policies governing the types at each end. |
| Allow certain users to remove connections of a certain type | Define an access rule for the relationship type. Assign delete access to the user category that needs to remove the relationship, ensuring that they also have todisconnect and fromdisconnect in the policies governing the types at each end. |
| Allow certain users to freeze and thaw relationships of a specific type, change the relationship type, and modify attributes | Define an access rule for the relationship type. Assign freeze, thaw, changetype, and modify access to the user category that needs to perform these tasks. |
| Allow access based on specific attribute values of an object's instance | Define an access filter in the policy such as filter attribute[TargetCost] > attribute[ActualCost]. |
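
The following added example (not code from this guide or from the product) is a simplified Python model of how three rows of the table interact: a person-definition denial such as !override, the Trusted user setting, and a policy access filter. The class and function names, the sample policy, and the rule that any matching entry grants access are assumptions made for illustration.

```python
# Simplified model of the checks described in the table (not product code).
from dataclasses import dataclass, field

@dataclass
class Person:
    name: str
    roles: set = field(default_factory=set)
    denied: set = field(default_factory=set)  # e.g. {"override"} for !override
    trusted: bool = False                     # Trusted user: read checks skipped

@dataclass
class Entry:
    """One access entry in a policy state (hypothetical structure)."""
    who: str                # "public", "owner", or a role/group name
    accesses: set
    filter: object = None   # callable(attributes) -> bool, or None

def applies(entry, person, obj):
    if entry.who == "public":
        return True
    if entry.who == "owner":
        return obj["owner"] == person.name
    return entry.who in person.roles

def has_access(person, access, obj, policy):
    # A denial in the person definition wins even if a policy grants the access.
    if access in person.denied:
        return False
    # A Trusted user bypasses read access checking only.
    if access == "read" and person.trusted:
        return True
    for entry in policy[obj["state"]]:
        if access in entry.accesses and applies(entry, person, obj):
            # Assumption: a filtered entry grants only when its filter is true.
            if entry.filter is None or entry.filter(obj["attributes"]):
                return True
    return False

# Constructed sample policy: public gets minimum access, others get the rest.
POLICY = {
    "Draft": [
        Entry("public", {"read"}),
        Entry("owner", {"read", "modify", "override"}),
        Entry("Cost Engineer", {"modify"},
              lambda a: a["TargetCost"] > a["ActualCost"]),
    ],
    "Review": [Entry("owner", {"read"})],
}
```
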