If Windows authentication is used, a user can be allowed or denied permission to read, create, edit, execute, delete, and export a project, entity, business rule, or Business Rules Library object in a repository. If you have the appropriate permission privileges, you can extend or limit another user's permissions on an object, add users to the object, and change the object owner.
Caution: There is no source control for repository objects. They cannot be checked out or checked in and more than one user may work on an object at a time. Therefore, care must be taken when multiple Trillium users with the same level of permissions, sharing the same objects, concurrently access the same repository. Be aware of user permission levels and plan your work accordingly so that work is not overwritten or lost. For example, suppose you created a project but you are still tuning it and do not want another user to run it at this point. You can block access to the project until you are satisfied with it, and then restore access. |
-
Table 1. Permission privileges Permission
Action
Create
Allows users to create projects, entities, business rules, and Business Rules Library objects in the Control Center. If this is denied on a parent object, such as an entity, then you would not be allowed to create a child object, such as a business rule.
Read
Allows users to view projects, entities, business rules, and Business Rules Library objects in the Control Center.
Edit
Allows users to modify projects, entities, business rules, and Business Rules Library objects. Users can also enable and disable business rules from the List View right-click menu.
Execute
Allows users to run any project or business rule analysis.
Delete
Allows users to delete projects, entities, business rules, and Business Rules Library objects.
Export
Allows users to run the Control Center’s deployment tools to export a project to batch or real time. Users can also export library entities and library attributes that contain library rules.
Permissions
Allows users to give or deny permission to other users for an individual project, entity, business rule, or Business Rules Library object. The type of access (read, edit, and so on) is established on a per-object basis in the Control Center. If you do not have this privilege, you cannot modify permissions for other users.
Note: Permissions are automatically granted to users for any project, entity, business rule, or Business Rules Library object they create in the Control Center.Special Permissions Allows users to access advanced security settings to change the rule/object owner, add a user to the rule/object, and modify their permissions.
Note: Special permissions are automatically granted to users for any project, entity, business rule, or Business Rules Library object they create in the Control Center.
Guidelines
Note the following when setting security permissions in the Control Center:
- If the permissions set at the object level are different from those set at the repository level, the most restrictive permission applies. For example, if the Trillium repository administrator granted you permission to modify any project in a repository, but the owner of a particular project denied you (or a group of which you are a member) permission to modify it, then the deny privilege is the one that the Control Center recognizes.
- Security is available for all objects in the Business Rules Library, including business rules, attributes, entities, and the top-level Entity Business Rules and Attribute Business Rules folders.
- By default, permissions are based on the hierarchy of objects in the Navigation View. For example, the permission for a library entity business rule is inherited from its parent library entity, which in turn inherits permission from the Entity Business Rules entity folder.
- See example:
-
Changing the permissions of a parent object affects all child objects. For example, if permission is modified on an entity, then permissions on all business rules associated with that entity also change.
To view and modify permissions for a repository object