Inheritance Rules

Use inheritance rules to define ownership or access details that can be assigned to an object on the to or from end of a relationship when a connection is made based on the criteria defined in the rule. For example, if you add a document to a Bookmark, you can define an inheritance rule to add access to that document. If the document is removed from the Bookmark, any access granted by the inheritance rule is removed from the document.

For more information, see MQL Command Reference: inheritancerule Command.

When defining an inheritance rule, you specify a relationship and whether the ownership or access operates on the object at the from or to end of the relationship. Include clauses in the rule, based on object types and policies, that define when this inheritance rule should be applied.

To define the from and to criteria for an inheritance rule, specify the object type and policy type. You can specify all for the type or policy. For example: 

 add inheritancerule SoftwareRule operateson to appliesto
	ProductRelationship ownership SoftwareOwnerRI from type Part,Product
	policy all to type "Software Product" policy "Software Development" as
	show,read

In this example:

  • SoftwareRule is the name of the inheritance rule
  • operateson to defines which end of the relationship the specified ownership or access will be applies (in could also be operateson from)
  • appliesto ProductStructure defines the relationship that when used to connect two objects, the system checks the criteria for from and to below to determine if this inheritance rule should be applied
  • ownership defines ownership inheritance (you can also define access inheritance)
  • SoftwareOwnerRI defines the name of this rule item (an inheritance rule can contain multiple rule items)
  • from type Part,Product policy all defines the from side of a relationship
  • to type "Software Product" policy "Software Development"defines the to side of a relationship

  • as show,read defines the specific accesses granted by this rule

The interpretation of the above inheritance rule is that whenever an app uses the ProductStructure relationship to connect an object of type Part or Product being governed by any policy to an object of type Software Product being governed by the Software Development policy, then the shown access (show,read) is added to the ownership of the Software Product (the to side of the relationship as defined by operateson).

When the app determines that the criteria for an inheritance rule have been met, it adds a comment to the business object (as defined by the operateson and from or to clauses) in this format: 

	enorule_<rel_pid>_<tenant_id>_<rule_id>_<rule_item_id>

Where:

  • enorule is the prefix that represents auto-generated inheritance
  • rel_pid is the physical id of the connection object
  • tenant_id is the tenant id
  • rule_id is the inheritance rule id
  • rule_item_id is the id of the specific rule item within the inheritance rule

Whenever a modify, delete, or reroute connection operation occurs, the system re-evaluates all the related inheritances for the affected object. For example, a connection exists between BusObject1 and BusObject2, and an inheritance rule applies to BusObject 2 based on that connection. If you move the relationship from BusObject2 to BusObject3, the inheritance rule on BusObject2 is removed and the inheritance rule is applied to BusObject3 (if the criteria of the rule are still met).