Controling of DWF visualisations

@K0ZMA 

Thank you for posting the idea.

• When can other users view the Visualization file?
• Are these specific users who shouldn't see the visualization file in this state?
• When can these users see the visualization file?
• Why do you have to hide the visualization file in Work in Progress?
• Can this be fixed by not producing visualization files in these states?

Hello ihayesjr,

-Well, as it is now, users can see visualisation file under all circumstances. I am not able to configure this settings. I have only one lifecycle definition with one state and thats it. So if I need to enable previews I need to set permission on this state "Read" -> "Allow" -> "Everyone".

-Yes, I have a group of users, they shouldn't be able to see files in the "top secret" category (with top secret lifecycle definition)

-These users should be able to see visualisation files of all other CAD data. (all IPT/IAM/IDW files that are not in the "top secret" category)

-Because many people in this company does not have a security clearance for "top secret" files. Not even in Release state.

-No, it is not the solution, because if you will not produce visualisation file, even users with the security clearance for "top secret" filles will not able to see the preview...

@K0ZMA 

Have you tried placing your "top secret" files in a folder to which those users cannot have access? 

This will block the user from seeing CAD and visualization files.

You can create a lifecycle definition for the visualization file and apply the appropriate security.

You will need to figure out a way of identifying visualization files that are "top secret" versus those that are not.

Have a lifecycle definition for each visualization type.

Hello, I agree that the folder permission could solve the problem entirely. But customer wants to place files into one folder even when some of it is "public" and some of it is "secret". Also it is problematic to move files across folder if they want to change the "level of security" on the files. It is much more conviniet and transparent to change the lifecycle definition. Especially when you are working on a project in team of many users and they already have data localy in the working forlder...

When I create lifecycle definition for the visualization files I will have the same problem with changing it later. Becuase user will have to change lifecycle definition for the source file, then unhide hidden files and change lifecycle definition for visualisation file as well.  Also it is not possible to find a way of identifying visualisation file because it is not possible to transfer attribites from source file to visualization file. The only thing you can work with is file name. But it is impossible because they are using external numbering (mentioned here https://www.autodesk.com/support/technical/article/caas/tsarticles/ts/01DuICSDHpxreDz4jDRh1Y.html) and they have only one numbering scheme from their ERP system used for all manufactured parts.

I still consider this as a bug in the Vault System. Visualisation file should be able to transfer "state permission" from source file to the visualisation attachment automatically.

Even Vault itself says, you are not able to "control" visualisation files manualy because of the possible "...conflicts between the editable data and the visualization files..."

Hello dear ihayesjr,

do you have any information from dev team how complicated would it be?

I found, there is a method in SDK called "AddFileWithBehaviors". This method has parameter "copyBehaviorsFromFile". So I think it should be possible to enable this option for DWF files during checkIn simply by initiating this parameter. Also of course on every life cycle state change of a source file (and its item).

Thank you for any information you can provide.

Best regards,

David

@K0ZMA 

Ideas that are posted are not guaranteed to be implemented.

We are not reviewing or working on this idea currently. 

See the link below.

How to Post to the Idea Boards – Collaborate! - Autodesk Community - Community Topics

Disclaimer: The development, release, and timing of any features or functionality described for our products remains at our sole discretion. This information is not a commitment, promise or legal obligation to deliver any functionality, is intended solely to outline our general product direction, and should not be relied on in making a purchasing decision.” 

I just came across the same problem. If you turn on hidden files in the user options, you can see all DWFs regardless of the permissions of the original file. That's a major security concern.

Do we have any update on this issue?

Thank you, David

We have not addressed this idea.

Ideas that are posted are not guaranteed to be implemented.

We are not currently reviewing or working on this idea. 

See the link below.

How to Post to the Idea Boards – Collaborate! - Autodesk Community - Community Topics

Disclaimer: The development, release, and timing of any features or functionality described for our products remains at our sole discretion. This information is not a commitment, promise or legal obligation to deliver any functionality, is intended solely to outline our general product direction, and should not be relied on in making a purchasing decision.” 

We also face the same problem.

In our opinion that is a huge security issue within vault!

One solution would be to give control over the "show hidden files" option for example using Roles.

So that we can control which user is allowed to view the dwf directly.

With the newer visualisation/export files (*.pdf / *.stp / *.dxf) it's already done with the publish option "synchronize lifecycle + revision with source", why not also for *.dwf/*.dwfx ????

Adding a new user-defined lifecyle state like "released secure" for the cad/vis-lifecycles would help and all depending files would have automatically the same state!

I definitely agree with Markus.

1) It IS huge security issue.

2) Being able to force disable checkbox "show hidden files" could solve this issue. Definitely "at least something" kind of solution.

Best regards, David