Component Access Control
Objective
You want to use a consistent interface to view and manipulate access control permissions on individual Windchill objects.
Background
The Common Access Control Component was developed to provide a consistent interface for Windchill ProjectLink and Windchill PDMLink users to view and manipulate access control permissions on individual Windchill objects. The feature is available in the out of the box Security Clerk through the Edit Access Control action and also in the Create Document and Create Part wizards.
To learn more about the Edit Access Control action and window, see
Editing Access Control for an Existing Object.
This feature for individual object instances is implemented using ad hoc ACLS. The access component for a folder also has the additional capability of defining permissions and propagating them throughout the folder contents.
Preferences are supported to permit sites to tailor the visibility and updatability of individual access control permissions to meet their specific access control requirements.
Scope/Applicability/Assumptions
This feature only applies to objects that implement the wt.access.AdHocControlled interface. The AdHocControlled interface holds information that controls access to a specific instance of an object class. The ad hoc ACL specifies only positive permissions. It cannot be used to deny access to an object. If the ad hoc ACL grants a permission that is denied in the policy ACL, the ad hoc rule supersedes the policy rule, and the access right is granted.
Intended Outcome
The feature may be used in two ways:
• The Edit Access Control action can be added to the object’s action model and the action will be available in the object’s action list.
|
The visibility of the action may be constrained by profiles defined in the Role Based UI. See Managing Profiles for more details about profile- and role-based visibility administration.
|
• The Access Control Component can be included as a step in the object’s Create wizard. It appears as an optional Set Access Control step in the create process, which is highlighted in the wizard at this point.
Parent topic