Source Column in Access Rules Table | |
Source Type | Description |
Policy | Policy rules can be created by loading data, by importing files, and by Windchill services. For example, permissions with this source designation can be set in the following ways: • When your Windchill system was installed and data is loaded, some policy rules are set. • When application contexts are created and used, the templates used can contain policy rules and the services invoked can set policy rules. • When files are imported, the files can contain policy rules. Additionally, if you are an administrator, you can create, modify, and delete policy rules using the Policy Administration utility. If an administrator has created a policy rule for a dynamic role in an organization or site context, the permissions set by the policy rule will appear on the Access Rules table in a table row for the system group associated with the role in the application context. If policy rules are also created for the system group, the policy rules for the dynamic role and system group are merged and appear as one row in the table. |
Life Cycle | The permissions with this source designation were set through a life cycle template, where permissions can be granted to participants (associated with specific roles) as an object moves through its life cycle states. Only administrators who can change the life cycle template can change the permissions. Changes to the template can affect the permissions set when the template is used. |
Work Item | The permissions with this source designation were set through a workflow template, where permissions can be granted to participants (associated with specific roles) as an object moves through the workflow process. Only administrators who can change the workflow template can change the permissions. Changes to the template can affect the permissions set when the template is used. |
Access Control | The permissions with this source designation were set from the Set Access Control step when the object was created, from a Edit Access Control action, from imported rules, or by Windchill services. If you have the permission named Change Permissions for an object, you are authorized to grant other participants any permission that you have from a Edit Access Control page. For example, if you have Change Permissions, Read, and Download permissions on an object, you may be able to grant these permissions to others. For more information, see Understanding When You Can Modify Permissions. |
Team | The permissions with this source designation were set when the team was created at object creation and are a result of the workflow that is associated with the object. These permissions can get updated when participants of the team are updated as a result of making a change in the Set Up Participants table that is displayed on the task information page. The task information page is accessible from the Tasks table when tasks are present. |
Context | The permissions with this source designation are set when an application context is created and each time participants are added to the context team (controlled by the wt.inf.team.wtusersUseAccessPolicyRules property). You cannot change permissions that have this source. |
Share | If the object for which the access information is being displayed is an object that has been shared from another context, the permissions set when the object was shared have Share as the source designation and any additional changes made using the Access table from the context that the object is shared to have Share as the source designation. For shared object information, see Setting Access Control on a Shared Object. |
You cannot change any of the access control rules from this window. If a rule should be changed, use the information presented in the Source column to determine where the rule is managed and whether you can change it or need to request that an administrator change it. Administrators can get more information about how policy and ad hoc access control rules are evaluated from the Access Control Overview. |