Configure user access - HxGN SDx - Update 64 - Administration & Configuration

Administration and Configuration of HxGN SDx
Language
English
Product
HxGN SDx
Search by Category
Administration & Configuration
SmartPlant Foundation / SDx Version
10

Hexagon University Icon eLearning is available for this topic. Check it out here: HxGN SDx® | Administration | User Access and Security Configuration

Access control configures what is exposed to each user in the feature sets and actions menus of objects, and what objects are returned from any search or relationship expansion. The user roles consist of sets of access groups that grant access to commands and relationship expansions grouped together by functional operation. The filtering of data items returned to the user is governed by security rules defining which access groups can see what data items based under different conditions.

  • Existing security rules can be modified. For example, to filter documents based on a new custom property.

  • Method, entry point, and relationship access can be removed or modified. For example, to remove a search option.

  • Access groups should not be removed from existing roles.

  • New custom access groups can be added to existing roles. For example, to expose new data structure management.

For information about the functionality available to a role, see the HxGN SDx Roles matrix.

What do you want to do?

What are the rules for changing the access control?

Security rules

  • Security rules provide conditional access to data items by access group. These rules can be freely edited, for example, to change the conditional filter or the access group for the rule.

  • Security codes are assigned to users for each plant or project in which they work. The rules match the security codes to those on documents and other objects to filter the search results. The security codes provided with the database can be freely changed.

Command and relationship access

  • Method, entry point, and relationship access is granted by access groups, and these can be removed or replaced.

    • Each role has a role-specific access group to allow commands to be specifically exposed to each role.

    • A common change is to remove a method from a general access group that is on many roles and add it to one or more role-specific access groups to limit its availability.

  • The conditions used on the methods cannot be changed.

  • You can create new access groups to expose new methods, entry points, and relationships.

  • You can edit the relationship access group configuration for info map and so on.

Roles

  • Existing roles can be extended with custom access groups, but existing access groups cannot be removed.

  • New roles can be created with any mix of existing or new access groups.