Server Configuration > Access Control List Permissions > Managing ACL Permissions > Workflow and Document Permissions
 
Workflow and Document Permissions
Workflow and document ACLs allow access to various administrative and user functions related to workflows and documents. As the Integrity Lifecycle Manager server administrator, you can control who can/has:
access to login
administer projects and types
customize permissions for change package types
determine how users create queries and work with e-mail or change packages
create charts, reports, and dashboards
The following table lists the default permissions provided in the mks:im ACL shipped with Integrity Lifecycle Manager:
Permission
Description
Prerequisites
Admin
Access administrative functions related to workflows and documents. For super administrator whose tasks include managing users, groups, projects, states, types, and fields.
Assign project administrators and type administrators.
Customize permissions for change package types.
Close change package initiated by another user.
Create admin reports, dashboards, charts, and queries.
Share reports, dashboards, charts, and queries created by another user, if shared to you. If the object is shared to you, you can also delete it.
Create and clear Integrity Lifecycle Manager server alert messages.
By default, Admin permission is allowed for Everyone group.
Login
AdminProxy
For PTC – Integrity Support only. Perform administrative functions on proxy.
By default, AdminProxy permission is cleared in Everyone group.
Login
AdminServer
For PTC – Integrity Support only. Perform administrative functions on server.
Required to view audit log.
By default, AdminServer permission is cleared in Everyone group.
Login
CreateChart
Create charts. Denying permission restricts user to using only those charts already on system. For information on charts see the Integrity Lifecycle Manager Help Center.
By default, CreateChart permission allowed for Everyone group.
Login
CreateCPType
Create custom change package type. For information on custom change package types, contact PTC – Integrity Support.
By default, CreateCPType permission is allowed for Everyone group.
Login
CreateDashboard
Create dashboards. For information on dashboards see the Integrity Lifecycle Manager Help Center. Denying permission restricts user to using only those dashboards already on system.
By default, CreateDashboard permission is allowed for Everyone group.
Login
CreateProject
Create new top level project for workflows and documents and assign another project administrator. Permission can extend capability of project administrator. Denying permission means user cannot create new top level project or assign another project administrator.
By default, CreateProject permission is allowed for Everyone group.
Login
CreateQuery
Create new query. Denying permission restricts user to using only those queries already on system.
By default, CreateQuery permission is allowed for Everyone group.
Login
CreateReport
Create new report. Denying permission restricts user to using only those reports already on system. For information on reports see the Integrity Lifecycle Manager Help Center.
By default, CreateReport permission is allowed for Everyone group.
Login
CreateSharedAdmin
Specify if query, dashboard, report, or chart is admin provided object.
Login
CreateType
Create new or delete existing types (required).
Create new type or assign another type administrator. Permission can extend capability of type administrator. Denying permission means user cannot create any new types or assign another type administrator.
By default, CreateType permission is allowed for Admin permission.
Login
DeleteItem
Delete items of any type.
By default, DeleteItem permission is allowed for Everyone group.
Login
Login
Login access. Denying permission prevents user from accessing workflow and document functionality.
By default, Login permission is allowed for Everyone group.
none
ModifyDeleteItemRule
Create or modify a type rule that specifies which users can delete items of that type.
By default, ModifyDeleteItemRule permission is cleared in Everyone group.
Login
CreateType
ModifyNotification
Change personal notification preferences. Denying permission means user cannot add personal preferences to any centrally configured e-mail notification settings.
By default, ModifyMyNotification permission is allowed for Everyone group.
If the notification can be displayed in the Web UI but a user does not have this permission, the notification displays but the associated components are disabled.
If the notification cannot be displayed in the web UI, the Item Notifications tab displays an error message.
Login
ViewMyNotification
PurgeTestResult
Purge test results for the test cases in a test session. The purge test results command is available only through the CLI. For more information on test results, see the Integrity Lifecycle Manager Help Center.
By default, PurgeTestResult is allowed for Everyone group.
Login
ShareToEveryone
Share queries, reports, charts and dashboards to the Everyone group.
By default, ShareToEveryone permission is cleared in Everyone group.
Login
TimeTrackingAdmin
Create, edit, and delete time entries on behalf of other users in Integrity. Ability to create, edit, and delete time entries governed by normal item permissions.
By default, TimeTrackingAdmin permission is cleared in Everyone group.
Login
ViewAdmin
View administrative information related to workflows and documents.
By default, ViewAdmin permission is allowed for Everyone group.
Login
ViewChangePackage
By controlling the user’s ability to view change packages when working in Integrity Lifecycle Manager, the ViewChangePackage permission provides an additional level of control for accessing information in projects.
By default, ViewChangePackage permission is allowed for Everyone group.
Login
ViewMyNotification
View, but not change, personal notification preferences.
By default, ViewMyNotification permission allowed for Everyone group.
If a user does not have this permission and they click theMy Profile link in the Web UI, an error message displays.
Login