Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Show only
|
Search instead for
Did you mean:
This page has been translated for your convenience with an automatic translation service. This is not an official translation and may contain errors and inaccurate translations. Autodesk does not warrant, either expressly or implied, the accuracy, reliability or completeness of the information translated by the machine translation service and will not be liable for damages or losses caused by the trust placed in the translation service.Translate
Would like the ability to set security on individual properties, so that I can control who has the right to modify them at any given lifecycle state... or at all. Right now it's all or nothing on properties.
In our environment we are using a lot user defined properties for CAD-files, items and BOMs. Some of this properties should be locked for the user. This properties are kind of "system flags" or our own system properties to store information from backgroud processes or other systems.
The issue what we have is that there is no posibillity available to block users to change this properties. If the user has the right e.g. to change the item he is also alowed to change all properties.
Wish is to extend the property configuration. I want to decide which user or user group has the permission to change the property.
I like this because we have a similar circumstance. We have clerical people handling some of the data for drawing files, but not the data that is mapped into the drawing. That should only be editable by our engineering/design team.
The goal is to manage visibility independently from the status.
From example :
My file is Validated, but for any reason I don't want that usergroup Engineers can see it for the moment. I don't want to create another status strictly identical but with a different visibility. I just set the property "Enable sharing" to False.
My file is in Work in progress, so by default Engineers cannot see it. For any reason, I need it to be seen by engineers. I don't need to modify the status, I only set "Enable sharing" to True.
I already can do that using Object security instead of Lifcycle security just for the concerned file. But this require Administrator access. With Property based security, any user could manage this without being administrator.
Implement access level for user defined attributes.
Example: When having own user roles e.g. Project Admin this group should able to set User defined project attributes. For non-project admin users, this Attributes should be read only.
In my company we have a lifecycle similar to (I will simplify) : "work in progress" --> "to be verified" --> "validated".
I would like that for the state "to be verified", some people (user name or group) can't modify the file itself in Inventor, but can change some properties I choose.
Here is the reason :
- "WIP" : R&D design a file
- "to be verified" : the method department doesn't modify the design, but add some information linked to the manufacturing machines (bending machine, ...) and also add a number which will be used in our MRP software --> the group "methods" could change the property "MRP reference", but not the property "title"
- "validated" : we produce the part and no change is allowed
I would like to promote the idea of installing restrictions to edit specific properties. If a user is allowed to edit a document at the moment, he is also able to edit important parts like the part number. My idea to solve that problem is to authorize certain users or groups to edit that information. The same way it works for roles or lifecycles. If they are not on the list, they simply cannot edit the file. Regarding the part number this would cause some issues, because this information is usually automatically generated when creating the file. Therefore we need an option to specify if this rule applies to empty values or not. The part number rule for example would not apply for empty ones. That way the user can create the file with the automatically generated part number without any restrictions. Nevertheless he wont be able to edit it afterwards. Only an administrator or someone who is eligible to edit this information can edit it after the creation process.
Now everybody in Vault who has sufficient permissions can modify File properties. It would be beneficial to enforce limit on who can modify a particular property. I.e.: only manufacturing manager should be able change property "Mfg Approved By". This feature will make Vault more secure.
Thank you for posting your idea. The properties are ones that exist in the file which Vault will not have control for who can modify the properties. How do you think this should be handled?
I do not know the neither Vault data nor the code structure and therefore cannot give advice how the feature to be implemented. However, I assume that in the database table there is a fields with the file properties and in the code somewhere there is a methods that modify those fields. If that is true, that method should be modified to check the user name and privileges. So if the user meet the criteria he should be able to modify the data in the field, otherwise, error message should come up...
I do some programming and as an Idea this sound easy. But as I said above I am not know the Vault's source code and cannot decide is it 15 minutes work (as it looks from outside), or re-write of the whole program... But even then, it should be considered for some future implementations and not dismissed just because it sounds too crazy.
Sorry, let me ask my question in a different way as I was not asking for programming advice. How do you see this working in the product from a user perspective? If the user is not connected to Vault at the time they are working with the data, how do you expect Inventor to know what properties the user can edit?
Now, I don't understand the question. Do you mean if the user is modifying the properties of the file from inside of the File itself? Like working within AutoCAD, Inventor, or MS Word?
I am not sure if all the file (vault) properties are available within those programs... I was thinking modifying the properties within Vault.
In either case, at the end the data will be imported (synchronized) with Vault. Then (at the time of synchronization) the above mentioned algorithm should be implemented. If some of the properties were read-only for a particular user, the message like "you do not have sufficient privileges to update some of the properties. Those properties will not be updated...". The rest of the data could be updated.
It would be really helpful to restrict who can edit certain properties in Vault based on a ACL list, even if the user has the ability to edit a file. This would be needed in the Vault Explorer interface for editing properties. If the property is mapped to a CAD file, then ACL restrictions would not be able to be applied.
We need to block some of the UDP's in the Vault -property-list for editing. Some user-groups should not have the permission to edit certain properties. For example item values, etc. should not be editable in the Vault property section or in Inventor IProperties only with ERP-connector dialogs.
Future Consideration: While we’re generally a fan of these ideas, the timing isn’t quite right for development consideration. As such, they are being put on the back burner to be re-visited at a later date. Please continue to comment and add your support.
I like the idea. However, if we were to implement it, I would like to set the correct expectation. Vault could control who could write to the property from the Vault Clients. However, once the file is removed from Vault, we can't prevent the CAD application, Inventor, from allowing users to edit the properties.
For now, I recommend making sure that the properties are set so that the value is from Vault to File. This way, the ERP Connector writes the value to Vault, and Vault will push that value to the file.
I would like to see the option Permission: "File edit user defined property" it is now not possible to assign this permission to a role. For Links and Folders it is available but not for Files and Items.
