Access Control

Once the basic security setup is completed in EPM SA, data access control is configured in Cobra.

Each file type in Cobra—such as project, calendar, resource, rate, code, report, and configuration—includes a Properties dialog box and a New File Wizard, both featuring Access Control. This Access Control allows you to secure files and assign access rights to individual users or groups. When a group is granted access to a file, the primary role of each user in the group determines their level of access within the file, unless an overriding role is specified. For instance, a user’s primary role will dictate whether they can edit the budget in a project.

File	Access Control Tab	Access Control Page
Project	Access Control Tab of the Project Properties Dialog Box	Access Control Page of the New Project Wizard
Calendar	Access Control Tab of the Calendar File Properties Dialog Box	Access Control Page of the New Calendar File Wizard
Code	Access Control Tab of the Code File Properties Dialog Box	Access Control Page of the New Code File Wizard
Rate	Access Control Tab of the Rate File Properties Dialog Box	Access Control Page of the New Rate File Wizard
Report	Access Control Tab of the Report Properties Dialog Box Access Control Tab of the Add Batch Report Dialog Box Access Control Tab of the Edit Batch Report Dialog Box	Access Control Page of the Report Wizard
Integration Configuration	Configuration Security Dialog Box	Access Control Page of the Integration Wizard-Actuals Access Control Page of the Integration Wizard-Ancillary Access Control Page of the Integration Wizard-Scheduling Tools
wInsight Configuration		Access Control Page of the wInsight Wizard
Cost Data Configuration		Access Control Page of the Cost Data Wizard
Batch Reports	Access Control Tab of the Add Batch Report Dialog Box Access Control Tab of the Edit Batch Report Dialog Box

To provide access control to a file, you must be either one of the following: a member of the SYSADMIN group, owner of the file, or have OWNER_DELEGATE rights on the file.

Field	Description
Owner	This field displays the user ID of the owner of the file. By default, this field displays the user ID of the user creating the file. You can only assign a single owner to each file. Note: This field is always disabled unless you are the owner of the file, or a member of the SYSADMIN group. To change the Owner field of a particular file, use the Access Control tab of the file’s Properties dialog box.
User	Users refer to individuals who can be given the right to open and view the file.
Group	Groups are composed of individual users and provide a convenient way of assigning multiple users rights to the file. A user can be a member of any number of groups. The SYSADMIN group is a special group that has access to administrative information. Use the WORLD group to easily provide access to all users. For example, use this group to provide all users with read access to the integration configuration. All users you define in the EPM Security Administrator (EPM SA) automatically become members of the WORLD group in Cobra. Since this special group does not require you maintain the users, you cannot select the WORLD group in the Group list in EPM SA. Alternatively, you can add the WORLD group to the Access Control tab and select the Read-only option, allowing all users to view but not edit the data.
Role	Roles define the permissions of a user set in EPM SA. Changing this field does not override the primary role defined in EPM SA.
Read Only	When selected, this option allows the file creator or any member of the SYSADMIN group to grant Read Only access to a user or group. For existing files, only the owner or a member of the SYSADMIN group can change the security settings, delete, and restore the file. You can assign multiple users, groups, or roles to a file.

Cobra Help System

Access Control