Interface ownership - HxGN SDx - Update 63 - Administration & Configuration

Administration and Configuration of HxGN SDx

Language
English
Product
HxGN SDx
Search by Category
Administration & Configuration
SmartPlant Foundation / SDx Version
10

In the model described above, once a user has retrieved an object, they can update its data using a form and can run methods and navigate relationships based on their role in the system. The object can have an owning group to further restrict access. If the object contains data that needs to be managed by different disciplines or contains data that requires different user access, then a further level of granularity is required.

The interfaces on an object, when correctly modeled, represent a role for that part of the object. For example, document classes may have interfaces for technical design, vendor details, construction status, and not all users in the system necessarily require the same access to each of these. For this reason, a relationship is defined between an interface and an owning group.

SPFInterfaceDefDataAccessGroup relationship definition

This specifies that the interface is owned by the related owning group. An interface can have more than one owning group related to it. Two properties are defined on the link interface to control the type of access control defined by the relationships.

The following properties can be used to restrict user access only when the Enable interface definition access control option is selected in the system options. By default, this option is not selected. For more information on the system options, see Configure the system options.

SPFExclusiveAccess property

This property, if set, dictates that the owning group has exclusive access to the interface and users in roles with other owning groups will have no access to the interface, its properties, or its methods and relationships. If the property is not set, then users in roles with other owning groups get read only access to the interface. A summary of how this access works is given below.

SPFReadOnlyAccess property

If set, this property gives the user read only access to the interface. It is used when some owning groups require write access, some read only access and others no access.

Evaluation of interface ownership

The owning group access to interfaces and the properties, relationships, and methods configured on them is evaluated as follows:

  • If the interface has no owning group, then the user will see the properties on the forms and views, and see all shortcut menu methods and relationship navigation that their role allows.

  • If the interface has one or more owning group, then,

    • If no owning group is related as exclusive, then,

      • Users in roles that do not have any of these owning groups will have read only access to the properties and relationships on forms, and see all relationship navigation and non-updating methods that their role allows.

      • Users in roles that have one of these owning group will have read or writable access as defined on the relationship. 

  • If an owning group is related as exclusive, then,

    • Users in roles that do not have any of these owning groups will have no access to the properties and relationships on forms, and will not see any relationship navigation and or methods on those interfaces.

    • Users in roles that have one of these owning groups will have read or writable access as defined on the relationship.

Components of the Desktop Client controlled by interface ownership

User access to an interface can be summarized as:

Writable

If the interface has no owning groups.

If the interface has an owning group related for write access that matches the role of the user.

Read Only

If the interface has owning groups none of which are related exclusively and none of which match the user's role (the presence of an exclusive owning group would result in no access as below).

If the interface has an owning group related for read only that matches the role of the user, irrespective of the presence of any exclusive owning groups.

No Access

If the interface has owning groups, some of which are related exclusively, and none of the owning groups match the role of the user.

User access to the interface is categorized as writable, read only, or no access as summarized above. This is then applied to the following features of the Desktop Client:

  • Forms – display items on the form for properties and relationships on the interfaces are set to writable, read only, or hidden.

  • Ad Hoc Reports – attributes for properties and relationships on the interfaces are either set to writable, read only, or hidden.

  • Shortcut Menu Methods – methods on interfaces with no access are hidden. Updating methods on read only interfaces are also hidden.

  • Shortcut Menu Relationships – relationships on interfaces with no access are hidden.

  • Drag And Drop – creation is not permitted if the user does not have read access to the interface on each end of the relationship. Where a relationship has one end identified as the “owner”, the user must also have write access to that interface.