![]() |
Telelogic DOORS (steve huntington) | ![]() |
new topic :
profile :
search :
help :
dashboard :
calendar :
home
|
||
Latest News:
|
|
Topic Title: Access Rights Prioritisation Topic Summary: User referred to twice, which takes precedence? Created On: 9-Jun-2008 15:11 Status: Post and Reply |
Linear : Threading : Single : Branch |
![]() |
![]()
|
![]() Answer: Group access rights are cumulative, but individual access rights override all group settings that the user resides in. For example, if user A is in group B with RMCDA access, and user A is explicitly set to R access only, the user will only have R access, irrespective of the group settings. | |
![]() |
|
For reasons I won't go in to, we have Access Rights set on a module where a user is uniquely identified and given the access RMCD and is also included in a User Group and given the access R.
Which, if any, takes precedence? If it makes any difference, the user on his own appears first in the list. |
|
![]() |
|
![]() |
|
Access right are cumulative, in other words the user gets the most access possible by virtue of inclusion in groups etc.
So if the user has RMCD access, then ading him to a group with R access will not take away his MCD rights. ------------------------- Tony Goodman Smart DXL limited www.smartdxl.com |
|
![]() |
|
![]() |
|
Thanks, that's what I thought, therefore I have a user with a sharing problem which needs investigating further :-(
|
|
![]() |
|
![]() |
|
Group access rights are cumulative, but individual access rights override all group settings that the user resides in. For example, if user A is in group B with RMCDA access, and user A is explicitly set to R access only, the user will only have R access, irrespective of the group settings.
|
|
![]() |
|
![]() |
|
Yes, if one group provides RM and another provides RC, then the user has RMC. Yes, a user specific access overrides all group access and is the only clumsy method of denying access.
Too bad a group access cannot have a "Minimum - Maximum" flag associated with it, where the access can be Minimum (as it is now) or Maximum, which would override other accesses. - Louie |
|
![]() |
|
![]() |
|
Okay thanks guys, I think that explains the problem I've got.
Edited: 10-Jun-2008 at 07:00 by Alan Gooch |
|
![]() |
|
![]() |
|
I didn't explain that very well did I!
Thanks to Joe and Louie for the clarification. As Louie says, this highlights why you should always use groups to assign access and never do it on individual users. ------------------------- Tony Goodman Smart DXL limited www.smartdxl.com |
|
![]() |
Telelogic DOORS
» General Discussion
»
Access Rights Prioritisation
|
![]() |
FuseTalk Standard Edition v3.2 - © 1999-2009 FuseTalk Inc. All rights reserved.