Community
Vault Forum
Welcome to Autodesk’s Vault Forums. Share your knowledge, ask questions, and explore popular Vault topics.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Problem with access rights after upgrade PS2009 to VM2010

1 REPLY 1
Reply
Message 1 of 2
andrzej.barys
216 Views, 1 Reply

Problem with access rights after upgrade PS2009 to VM2010

After upgrade PS2009 to VM2010 we have very big problem with access rights to files linked to items, with "Released" state. VM2010 does not see no access rights (set for directories in Vault) to files linked to items, which are "Released".

Explanation:
The problem occurred during the upgrade from Productstream 2009 to Autodesk Vault Manufacturing 2010. The data in the database are available through the Administration Module or by giving permissions to the directory created in Vault Explorer.
The database files are attached to items. These items have status "Released" .
If user X has no access to a subdirectory, then he should not be able to read, write, or delete this files from that subdirectory.
Unfortunately it is not work properly.
User X cannot see the directory in the "Vault Explorer," but knowing the file name can look it up through the "Find" and open through the "View in Window"
Also in "Item Master" user X can see the items and see the files that are linked to this items.
With the web browser based client user X can also see and download forbidden files to his local disk.

To sum up: Although the user X has no access rights to a subdirectory, he can see data that are not allowed for him.

Regards
Andrzej Barys
1 REPLY 1
Message 2 of 2
Anonymous
in reply to: andrzej.barys

There was a change in the way files are "locked" by Items in 2010.
You will notice the ability to create an Access Control List (ACL) in
the Item area of the administration dialog. This ACL will be applied to
the file as an override to the folder security. It is not a combination
of the two it is a complete override. When the Item is release the
override ACL will be applied, when the item moves out of a released
state the override ACL will be removed and the file will have the ACL
provided by the folder.

We made this change for several reasons.
1. We had two different security models in the past (file lock and
folder ACL). This was confusing for the user and difficult for us to
maintain.
2. The new Item ACL provides more flexibility. It is no longer just
locked or unlocked. It can be different for different users.
3. We did this to make Items compatible with the new file lifecycle
system. They both use the same override ACL functionality.

- Mikel

-----Original Message-----
From: andrzej.barys@telzas.com.pl [mailto:andrzej.barys@telzas.com.pl]
Posted At: Friday, February 05, 2010 3:58 PM
Posted To: autodesk.productstream
Conversation: Problem with access rights after upgrade PS2009 to VM2010
Subject: Problem with access rights after upgrade PS2009 to VM2010

After upgrade PS2009 to VM2010 we have very big problem with access
rights to files linked to items, with "Released" state. VM2010 does
not see no access rights (set for directories in Vault) to files linked
to items, which are "Released".

Explanation:
The problem occurred during the upgrade from Productstream 2009 to
Autodesk Vault Manufacturing 2010. The data in the database are
available through the Administration Module or by giving permissions
to the directory created in Vault Explorer.
The database files are attached to items. These items have status
"Released" .
If user X has no access to a subdirectory, then he should not be able
to read, write, or delete this files from that subdirectory.
Unfortunately it is not work properly.
User X cannot see the directory in the "Vault Explorer," but knowing the
file name can look it up through the "Find" and open through the "View
in Window"
Also in "Item Master" user X can see the items and see the files that
are linked to this items.
With the web browser based client user X can also see and download
forbidden files to his local disk.

To sum up: Although the user X has no access rights to a subdirectory,
he can see data that are not allowed for him.

Regards
Andrzej Barys

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk Design & Make Report