What you can see or do is determined by which objects you need to see and which actions you need to perform to do your job.
Your administrator can use many different components of the security model to control what you can do or see in the system.
For more information on the security model, see Security model overview.
|
Security model feature |
What it does |
|---|---|
|
Role and role assignment |
Determines your level of access to data and functionality in a specific plant or project configuration. You can belong to more than one role per configuration. Roles are associated with related access groups, domains, and owning groups. |
|
Access group |
Determines what actions you can perform in the system and which functional components you can access in your system. Users are related to roles, which are related to access groups. |
|
Security rule |
Limits the types of data that you can query in the system. Your associated access groups are used to determine which security rules are relevant. |
|
Security code |
Sets different security levels for users and data in the system. Security codes are used by security rules, which determines your access to documents and data items that can be secured by these codes. You may be assigned different sets of security codes in different plants or projects. |
|
Owning group |
Sets up ownership of data, typically by department or discipline, as well as controls your access to an object or parts of an object based on its ownership. Objects can be owned by a user or by an owning group. Owning groups are associated to roles. The default owning group is engineering to which everyone has access. |
|
Configuration |
You can be assigned different roles in different plants and projects. You can create and manipulate data in a single plant or project. This is also known as the create scope. Objects created in projects are not visible from parallel projects or its parent plant. You can query across multiple plants and projects. This is also known as the query scope. |