Access Control

After performing the basic security setup in EPM SA, access control to data is defined in Cobra.

Each type of file in Cobra (project, calendar, resource, rate, code, report, and configuration) has a Properties dialog box and New File wizard, which contain the Access Control tab or the Access Control page. You use the Access Control tab or the Access Control page of each file type to secure the file and assign access rights to either a user or a group of users. When you assign a group access to a file, the primary role of the user will be used to determine what type of access they have while in the file. For example, the primary role for each user in the group will determine if the user can edit the budget within the project.

File Access Control Tab Access Control Page
Project Access Control Tab of the Project Properties Dialog Box Access Control Page of the New Project Wizard
Calendar Access Control Tab of the Calendar File Properties Dialog Box Access Control Page of the New Calendar File Wizard
Code Access Control Tab of the Code File Properties Dialog Box Access Control Page of the New Code File Wizard
Rate Access Control Tab of the Rate File Properties Dialog Box Access Control Page of the New Rate File Wizard
Report

Access Control Tab of the Report Properties Dialog Box

Access Control Tab of the Add Batch Report Dialog Box

Access Control Tab of the Edit Batch Report Dialog Box

Access Control Page of the Report Wizard
Integration Configuration Configuration Security Dialog Box

Access Control Page of the Integration Wizard - Actuals

Access Control Page of the Integration Wizard - Ancillary

Access Control Page of the Integration Wizard - Scheduling Tools

wInsight Configuration

Access Control Page of the wInsight Wizard

Cost Data Configuration

Access Control Page of the Cost Data Wizard

To provide access control to a file, you must be a member of the SYSADMIN group or the owner of a file.

Field Description
Owner

This field displays the user ID of the owner of the file. By default, this field displays the user ID of the user creating the file. You can only assign a single owner to each file.

Note: This field is always disabled regardless of whether you are the owner of the file, or a member of the SYSADMIN group. To change the Owner field of a particular file, use the Access Control tab of the file’s Properties dialog box.
User Users refer to individuals who can be given the right to open and view the file.

Users must have update access to a project and its ancillary files in order to run the integration against it or to update the configuration settings.

Group

Groups are composed of individual users and provide a convenient way of assigning multiple user rights to the file. A user can be a member of any number of groups.

The SYSADMIN group is a special group that has access to administrative information.

Use the WORLD group to easily provide access to all users. For example, use this group to provide all users with read access to the integration configuration. All users you define in the EPM Security Administrator (EPM SA) automatically become members of the WORLD group in Cobra. Since this special group does not require you maintain the users, you cannot select the WORLD group in the Group list in EPM SA.

Role Roles define the permissions of a user set in EPM SA. Changing this field does not override the primary role defined in EPM SA.
Read Only

This option, when selected, allows the creator of the file (or any member of the SYSADMIN group) to provide a user or a group with Read Only access to the file.

Note: For existing file, only the owner or any member of the SYSADMIN group can change the security settings, and delete and restore a file. You can assign multiple users, groups, or roles to a file.