Allow Users To Modify Content in Any Collaborative Space They Have Access To

This access rule determines if users can modify content, including creating revisions, in any collaborative space defined by any of their active or passive credentials, as long as their access level allows it. Be default, this access rule is activated. This access rule does not grant access for users to create content in a passive set of credentials if they do not have create access within that set of credentials. This access rule does not affect the Owner/Owner (Restricted) access role privileges. You must be logged into the collaborative space (active credentials) to achieve repair or exception tasks.

This access rule is affected by several other access rules.

This page discusses:

See Also
Consider User's Organization Assignment on Content Category
Allow Usage of Private Content From Any Collaborative Space Users Have Access To
Rules that Configure Ownership

Write Access Ownership Restrictions

The Allow users to modify content in any collaborative space they have access to access rule does not override these access rules:

  • Allow write access only to the Contributor who is responsible for the Content
  • Allow write access only to the Author who is responsible for the content

When these access rules are active (both are deactivated by default), the user must own the content to modify it, or have the Leader/Leader (Restricted) role.

Lock Content

If the Lock content before modification access rule is active (it is activated by default) and the content is locked, the user must be the person who locked it to modify the content.

Strict Ownership Restrictions

On premises only: This access rule works in combination with Only users that belong to the organization that owns the content can modify that content (activated by default). That access rule restricts modify access to the organization of the user's current credentials.

The examples in this section show a user who is assigned two sets of credentials:

  • Author.Org1.CollabSpace1 active credentials (logged in using this role, organization, and collaborative space)
  • Author.Org2.CollabSpace2 passive credentials

The example content in the examples are owned by these organizations and collaborative spaces:

  • Org1.CollabSpace1
  • Org2.CollabSpace1
  • Org2.CollabSpace2

You can keep the default settings for both access rules:

  • Allow users to modify content in any collaborative space they have access to is activated
  • Only users that belong to the organization that owns the content can modify that content is activated

With the active credentials Author.Org1.CollabSpace1, this user can modify content owned by Org1.CollabSpace1. The user's passive credentials also grants access to content owned by Org2.CollabSpace2. However, because of the strict ownership defined by the Only users... access rule, this user cannot access content owned by Org2.CollabSpace1 (no passive credentials exits for that combination for this user).

You can deactivate this access rule:

  • Allow users to modify content in any collaborative space they have access to is deactivated
  • Only users that belong to the organization that owns the content can modify that content is activated

With the active credentials Author.Org1.CollabSpace1, this user can only access content owned by Org1.CollabSpace1 (the active credentials).

You can deactivate both access rules:

  • Allow users to modify content in any collaborative space they have access to is deactivated
  • Only users that belong to the organization that owns the content can modify that content is deactivated

With the active credentials Author.Org1.CollabSpace1, this user can modify content owned by Org1.CollabSpace1 and Org2.CollabSpace1. When deactivated, this access rule restricts the user to the collaborative space of the active credentials (CollabSpace1). Because the Only users... access rule is also deactivated, modify access is not restricted to the owning organization. Since this restriction is removed, the user can modify content owned by Org2.

Private Content from any Collaborative Space

You can assign restricted roles to partners, such as suppliers, so that those users can only access content owned by their organization and in that collaborative space. Or, you can use the collaborative space structure described in the following paragraphs.

When a host company lets their suppliers access the 3DEXPERIENCE platform, you can use this access rule plus the Allow usage of private content from any collaborative space users have access to access rule (activated by default) to manage write access for supplier users.

For example, a system includes two organizations: an OEM (OrgOEM) and a Supplier (OrgSup). Each organization has a collaborative space: CollabSpaceOEM and CollbSpaceSup. A person working for the supplier has been given the Author role for that supplier, and a Reader role for the OEM resulting in these sets of credentials:

  • Author.OrgSup.CollabSpaceSup
  • Reader.OrgOEM.CollabSpaceOEM

This configuration lets the supplier person create and manage all of the supplier's content, but only read the OEM's content. If the Only users that belong to the organization that owns the content can modify that content access rule is active, the aggregated content must belong to the same organization as the aggregating content. In addition, the above person only has the Author role for content belonging to the OrgSup organization, and can only add aggregated content owned by OrgSup to component content also owned by OrgSup.

You must deactivate the Only users... access rule to allow the access described here.

When the person logs in using the Reader.OrgOEM.CollabSpaceOEM credentials, Author.OrgSup.CollbSpaceSup is their passive credentials. That person can create or delete aggregated content (such as an MCAD Drawing for a product) in the CollbSpaceSup collaborative space based on their passive credentials, because they have the Author role in that context. The person can do their job without having to switch credentials and change their active credentials.

The above person can also perform these operations:

  • Create or delete a publication
  • Create or delete an instance
  • Insert or delete a composed representation

This rule applies to aggregation of data. If the person needs to create a component, such as a Physical Product, the person must switch credentials to the Author.OrgSup.CollbSpaceSup credentials.

This access rule does not allow this person to perform any of the above actions (aggregation) in the CollabSpaceOEM collaborative space. In that space (regardless of whether it is the active or passive credentials), the person only has the Reader role.

You could configure the 3DEXPERIENCE platform with a collaborative space shared by both the OEM and the supplier. In this case, the supplier person's credentials would be:

  • Author.OrgSup.CollabSpace
  • Reader.OrgOEM.CollabSpace

With this configuration, the supplier person (with Reader.OrgOEM.CollabSpace as the active credentials), can create or delete aggregated data for content owned by OrgSup, and aggregate content for content in CollabSpace owned by OrgOEM, because the passive credentials grants authoring capabilities to the CollabSpace collaborative space.