Create a security rule - HxGN SDx - Update 63 - Administration & Configuration

Administration and Configuration of HxGN SDx

Language
English
Product
HxGN SDx
Search by Category
Administration & Configuration
SmartPlant Foundation / SDx Version
10

You can group multiple class definitions and access groups together into a security rule and restrict their access based on a condition.

Security rules can also be created using the Web Client. For more information, see Create a security rule.

  1. In the Desktop Client, click File > New > Administration > Security Rule.

  2. Type the name and description for the new security rule.

  3. In the Security Rule definition box, type the syntax to describe the condition that the object must meet for the methods related to the access group to appear. Example: obj->SPFCXmtlExternalCompany_12.Name=ENV.USERORGANIZATIONNAME.

    The security rule syntax is the same as that used to create conditions, except that the security rules do not support keywords like ‘NOT’, 'OBJ1', 'OBJ2', or function keywords like ‘ISSET’, ‘ISSETB’, and so on. For more information about creating conditions, see Configure conditions.

  4. Find and select one or more class definitions from the Class Definition list to associate with the security rule.

  5. Find and select one or more access groups from the Access Group list to associate with the security rule.

  6. Find and select one or more edge definitions to expand and apply the security rule.

  7. Find and select one or more relationship definitions to expand from End1 to End2 and apply the security rule.

  8. Find and select one or more relationship definitions to expand from End2 to End1 and apply the security rule.

    For example, the following security rule definition has a relationship definition expansion:

    Obj->SDAItemSecurityCode_12.Name = Env.SecurityCodesForUserInQueryConfig Or obj.objdefuid = ‘SDAArea’

    This security rule definition ensures that the results either match the security code or are in an SDAArea, which may not have a security code.