Community
Vault Forum
Welcome to Autodesk’s Vault Forums. Share your knowledge, ask questions, and explore popular Vault topics.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Lifecycle transition security

4 REPLIES 4
SOLVED
Reply
Message 1 of 5
randyspear6624
441 Views, 4 Replies

Lifecycle transition security

I'm trying to apply varying lifecycle transition security to my lifecycle states but it seems that if you are a member of a group that is denied  and a group that is allowed, the denied take precedence. I can't see any option for hierarchy or priority.

 

How have others dealt with this without creating an endless combo of groups?

thanks 

4 REPLIES 4
Message 2 of 5
Redmond.D
in reply to: randyspear6624

Personally, I find it easier to not use the Deny setting.  If you set security on something, a user is denied unless there is an Allow.  That way you only have to worry about granting access.

 

Also, you should take a look at the Effective Permissions app.  You will probably find it useful.



Doug Redmond
Software Engineer
Autodesk, Inc.

Message 3 of 5
randyspear6624
in reply to: Redmond.D

Thanks.. I'm learning more by the hour. 

 

I would prefer not to have to micromanage the transition security anyways so I guess a better question is.. is there a role that I can assign to groups that will allow them to only "manage" documents/folders that they have read,modifiy,delete access to?

Here's the problem:

I have a civil group and an arch group; I also have civil and arch lifecycles which I have applied varying state security. Both groups have doc editor level 1 and doc manager level 1 roles. This setup works well for basic editing security but it seems the doc editor role gives you rights to move any document to any state regardless of whether or not you have read, modify, delete access to that document.

 

Bonus question: is there a role similar to doc editor level 1 that will restrict folder creation/deletion?

 

Thanks again!

Message 4 of 5
Redmond.D
in reply to: randyspear6624

I think you are stuck micro-managing the security on states and transitions. 

Editing a document and changing the state are two different things.  So it is possible to do one without having permission on the other.  Vault gives you control of both permission sets, but it requires a lot of manual work.

 



Doug Redmond
Software Engineer
Autodesk, Inc.

Message 5 of 5
randyspear6624
in reply to: Redmond.D

Thanks, i've realized the key is to simplify my states as much as possible to minimize this.

Example, instead of having a state for the various types of submissions we have, I simply have one state called submission .

 

 

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk Design & Make Report