Community
Vault Forum
Welcome to Autodesk’s Vault Forums. Share your knowledge, ask questions, and explore popular Vault topics.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Allow ACL Permissions To Be Less Restrictive

4 REPLIES 4
Back to Vault Category
Back to Topic Listing
Reply
Message 1 of 5
Anonymous
431 Views, 4 Replies
‎08-02-2012 10:20 AM
‎08-02-2012 10:20 AM

Allow ACL Permissions To Be Less Restrictive

When a user is part of multiple groups with varying group permissions and those multiple groups are applied to an ACL Vault will always apply the most restrictive permission to the user. Incertain situations a user will need a higher permisiion than the ACL will allow their group(s).

 

We need a way - via the ACL - to give a particular user (or group) an elevated permission that will override their adjoining group permission on a case by case basis.

 

Perhaps there could be a "use elevated permission" check box in the ACL that would allow us to override the security "up".

Report
Labels (4)
Labels:
0 Likes
Reply
4 REPLIES 4
Message 2 of 5
Redmond.D
Autodesk
in reply to: Anonymous
‎08-03-2012 04:37 AM
‎08-03-2012 04:37 AM

For our own internal Vault, we decided not to use the "Deny" setting in any of our ACLs.  If we don't want a group to have access, then we don't give it an "Allow".  Under this model, users have access as long as they are in at least one group with access.   



Doug Redmond
Software Engineer
Autodesk, Inc.

Report
0 Likes
Reply
Message 3 of 5
ihayesjr
Community Manager
in reply to: Anonymous
‎08-06-2012 07:11 AM
‎08-06-2012 07:11 AM

Hi obourne, Thanks for the feedback. ACL permissions are least restrictive unless you set a group with the Deny permission. We have based this feature just like Windows NTFS permissions. Are you setting the Deny permission for a group or user?



Irvin Hayes Jr
Sr. Product Manager
Autodesk, Inc.
Vault - Under the Hood Blog
Report
0 Likes
Reply
Message 4 of 5
Anonymous
in reply to: Anonymous
‎08-06-2012 07:46 AM
‎08-06-2012 07:46 AM

@doug.redmond , Thanks for the idea.

 

@ihayesjr . We are using the "deny" permission. I didn't know about the NTFS method you mentioned. I'll give it a try and let you know if it works.

 

To my original post: it sounds like maybe the functionality we need is already there, just not very discoverable (or at least not in the help system). I could see how trying to sort through "should I 'deny' or not in this situtauion" could be very challenging. Maybe this functionality could be exposed/controlled more through the UI (i.e. radio buttons, user permission status check - choose a user and get an update on their permission level for a particular object)?

 

BTW I was an AE in the channel for several years. I saw this "issue" of overly restrictive permissions arrise at MANY companies. There is a need for some help in this area.

 

Thanks fot the input-Cheers!

Report
0 Likes
Reply
Message 5 of 5
Anonymous
in reply to: Anonymous
‎08-06-2012 08:57 AM
‎08-06-2012 08:57 AM

I tried out the suggestions. The suggestions function as stated but do not give me the result I need. I do need to "deny" certain groups permissions EXCEPT for one (or a couple) users in those groups in various situations.

 

This is a big issue for me persoanlly as I have 170 users in my Vault and it's tough maintaining the right permissions in all situations.

 

-Cheers!

Report
0 Likes
Reply
Reply

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk Design & Make Report

Report a website issue