Access Control
After performing the basic security setup in EPM SA, access control to data is defined in Cobra.
Each type of file in Cobra (project, calendar, resource, rate, code, report, and configuration) has a Properties dialog box and New File wizard, which contain the Access Control tab or the Access Control page. You use the Access Control tab or the Access Control page of each file type to secure the file and assign access rights to either a user or a group of users. When you assign a group access to a file, the primary role of the user will be used to determine what type of access they have while in the file. For example, the primary role for each user in the group will determine if the user can edit the budget within the project.
To provide access control to a file, you must be a member of the SYSADMIN group or the owner of a file.
Field | Description |
---|---|
Owner |
This field displays the user ID of the owner of the file. By default, this field displays the user ID of the user creating the file. You can only assign a single owner to each file. Note: This field is always disabled regardless of whether you are the owner of the file, or a member of the SYSADMIN group. To change the
Owner field of a particular file, use the Access Control tab of the file’s Properties dialog box.
|
User | Users refer to individuals who can be given the right to open and view the file.
Users must have update access to a project and its ancillary files in order to run the integration against it or to update the configuration settings. |
Group |
Groups are composed of individual users and provide a convenient way of assigning multiple user rights to the file. A user can be a member of any number of groups. The SYSADMIN group is a special group that has access to administrative information. Use the WORLD group to easily provide access to all users. For example, use this group to provide all users with read access to the integration configuration. All users you define in the EPM Security Administrator (EPM SA) automatically become members of the WORLD group in Cobra. Since this special group does not require you maintain the users, you cannot select the WORLD group in the Group list in EPM SA. |
Role | Roles define the permissions of a user set in EPM SA. Changing this field does not override the primary role defined in EPM SA. |
Read Only |
This option, when selected, allows the creator of the file (or any member of the SYSADMIN group) to provide a user or a group with Read Only access to the file. Note: For existing file, only the owner or any member of the SYSADMIN group can change the security settings, and delete and restore a file. You can assign multiple users, groups, or roles to a file.
|