The security model is a flexible mechanism to control role-based user access to data and the operations that can be performed on that data.
The security model is comprised of:
-
Users
-
Roles, domains, and access groups
-
Configurations
-
Role assignments and owning groups
-
Security rules
-
Security codes
A user is assigned a role in a configuration for example, to work as a Designer in Project1. Roles are related to access groups, which control access to methods (commands), relationships, and security rules. Any number of methods or relationships can be grouped together on an access group. A role can provide functionality through any number of access groups, and the same user can play different roles depending on the configuration.
Users and objects, like documents, can both be related to specific security codes to limit access, and security rules can be used to further restrict access and are related through the access group.
The security model controls user access to:
-
Application modules
-
Menus and toolbars
-
Shortcut menu commands
-
Relationship manipulation and navigation
-
Data segregation based on user and tool ownership
-
Conditional data access supported by query