Hello...
Playing around with security. We are in the item realm of things and would like to create a role which allows the user to only see the Item and Change Order tabs. Would like to hide the Vault Explorer tab.
The same users will be forced to look thru the item to see the drawing/model and they will also be approving change orders.
Trying to prevent somebody from going in the back door to get a print that is not yet released.
Is this possible yet?
Solved! Go to Solution.
Solved by steveh3. Go to Solution.
What you can do is this:
For the users whom you don't want to have Vault Explorer access directly:
1. Create a group (for this instance I will call it "ITEMCO")
2. Give this group only Change Order and Item roles
3. Add the users you wish to restrict to the ITEMCO group
4. Right click on the root of the Vault Explorer and select Properties
5. Switch to the security tab, add ITEMCO, and deny all privileges
This may work for you though depending on what you want them to do with Items you may still have some problems.
For instance these users will not be able to change state on an Item. Maybe that is okay based on what you want to do.
I would suggest trying this out with one user and see if they can accomplish all the tasks you would want without problems.
Unfortunately there is no way (I know of) to hide the vault explorer otherwise.
Many of the Item and Change Order commands potentially need access to the files in order to run.
Thanks Scott...
Kinda gets me in the right direction. But, it appears when you deny rights to view files in the VE tab. You also lose the ability to view the files on the item.
I want to force the user to view the files from the item so that they don't back door the system and grab a file which hasn't been released yet.
With items, the files are watermarked with the state when you print. Where as if you print from VE tab, the files are not watermarked. Thus, potentially you could get an unrelease file in production.
We could use the web client, but they also need access to change orders.
Thanks,
Steve Hilvers
Unverferth
Yes, unfortunately the dwf files used by the item are controlled on the file side in Vault Explorer.
I guess you could just go to their workstation and remove the Vault Explorer and Home buttons from their UI.
This requires that they not add them back in on their own though.
Steve,
You can deny, users and/or groups,read access to Vault Explorer($).
Permissions to actual files are preserved, hence their ability to still preview the file within the context of ITEMS and ECOs, but access to the folder structure will be blocked from the top (simulating removal of Vault Explorer entirely) and indicated by a folder with lock icon named "Inaccessible".
Basic search of files (not ITEMS and ECO) will also be unavailable from the UI.
Advanced search (via Tools > Find), will allow the users to still find the files but they will not be able to perform action such as 'GoToFolder'. They will, however, be able to perform 'View in Window' action. But this worklow would take a user determined steps to get there.
Pascal
Pascal Le Guellec
Customer Success Engineer, Data Management
Autodesk, Inc.
Almost perfect...exactly what I was looking for. The only difference as you mention is that I did not propogate the changes thru to the children.
This will suffice.
Thanks for the help!
Steve H.
Playing around with roles / rights in VP2015 and I can't get it to act like I want.
I would like to force everyone outside of the engineering walls to go thru the item to access files. I really don't want them in the Project Explorer side of things where they could easily pick up a WIP or unreleasd files.
I thoughts this worked once upon a time (VP2010 or whatever it was then), but haven't tried it since.
I can't get the permission to work like the prior versions of VP.
Any insight on whether this is possible or not with VP2015? Or better solution?
Thank you,
Steve H.