Access Control
Once the basic security setup is completed in EPM SA, data access control is configured in Cobra.
Each file type in Cobra—such as project, calendar, resource, rate, code, report, and configuration—includes a Properties dialog box and a New File Wizard, both featuring Access Control. This Access Control allows you to secure files and assign access rights to individual users or groups. When a group is granted access to a file, the primary role of each user in the group determines their level of access within the file. For instance, a user’s primary role will dictate whether they can edit the budget in a project.
To provide access control to a file, you must be a member of the SYSADMIN group or the owner of a file.
Field | Description |
---|---|
Owner |
This field displays the user ID of the owner of the file. By default, this field displays the user ID of the user creating the file. You can only assign a single owner to each file. Note: This field is always disabled regardless of whether you are the owner of the file, or a member of the SYSADMIN group. To change the
Owner field of a particular file, use the Access Control tab of the file’s Properties dialog box.
|
User | Users refer to individuals who can be given the right to open and view the file.
Users must have update access to a project and its ancillary files in order to run the integration against it or to update the configuration settings. |
Group |
Groups are composed of individual users and provide a convenient way of assigning multiple user rights to the file. A user can be a member of any number of groups. The SYSADMIN group is a special group that has access to administrative information. Use the WORLD group to easily provide access to all users. For example, use this group to provide all users with read access to the integration configuration. All users you define in the EPM Security Administrator (EPM SA) automatically become members of the WORLD group in Cobra. Since this special group does not require you maintain the users, you cannot select the WORLD group in the Group list in EPM SA. |
Role | Roles define the permissions of a user set in EPM SA. Changing this field does not override the primary role defined in EPM SA. |
Read Only |
When selected, this option allows the file creator or any member of the SYSADMIN group to grant Read Only access to a user or group. For existing files, only the owner or a member of the SYSADMIN group can change the security settings, delete, and restore the file. You can assign multiple users, groups, or roles to a file. |