groups command

You can implement and define security for objects. A Rational Synergy database can contain many different collections of objects. Group security restricts check out and modifies permissions to a specified group of users for certain objects. In addition, you can specify read security, which limits visibility of the source contents of objects to designated groups.

If you work as the group manager, use group security for the following reasons.

A user working in a role that can create objects can restrict access of an object to specified groups if that object is the only version and the user can modify that object.

Read security is implemented by providing access control to the source attribute of an object. Users can query for objects and see other attributes regardless of any read restrictions. Read security applies to source objects that can be versioned, and does not apply to directories and projects. However, if you apply read security to an object that is currently in user work areas, those files are still readable by the users.

You can define the following different levels of read access security:

Any object that is checked out inherits the same group security restrictions as its predecessor, including read security restrictions. Read security can only be used with copy-based work areas.

If you have a directory in the public state that uses group security and the user is not a member of any of the directory's groups, the user can still create new objects, add them to, or remove them from the directory. Users can easily overwrite each others' changes if you use public directories; exercise caution when using public directories.

For additional information about setting up databases for read security, see Database read security. If you have a directory in the public state that uses group security and the user is not a member of any of the groups for the directory, the user can create objects, add them to, or remove them from the directory. Users can easily overwrite each others' changes if they use public directories; exercise caution when using public directories.

The groups command supports these subcommands:


Feedback