Versions Compared

Version Old Version 4 New Version Current
Changes made by

Wanja Mensch

Wanja Mensch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Read: Grants read access to Spaces and all their Configuration Areas except for the Confidential Configuration Areas.

  • Read Confidential: Grants read access to Confidential Configuration Areas.

  • Create, Modify, Disable: Automatically created for each Component Unit or Configuration Type. Users must possess scoped roles with appropriate permissions to perform these actions.

  • Maintain: Includes create, modify, and disable permissions.

  • Modify: Grants permission for modification only.

  • Delete: Grants permission for deletion only.

  • Administrative Permissions: These permissions can only be assigned to a space via a role and include tasks such as maintaining roles, the type system, configuration areas, storage locations, Single Sign-On (SSO) configuration, and Master Data.

...

Access to content within Smartfacts CDCM is determined by the permissions assigned to users:

  • Read Access: Users with a role that has the "Read" permissions to at least one Configuration Area permission for a space have read access to all Configuration Areas within the Space, except those marked as "Confidential." non-confidential configuration areas in that space, including all the content of those configuration areas.

  • Confidential Access: For "Read" access to a Confidential confidential Configuration Area, users need a role explicitly granting with a "Read Confidential" permissions" permission for that confidential configuration area.

Write Permissions

When a new component unit or configuration type is created in Smartfacts CDCM, Create, Modify, and Disable Delete permissions are automatically generated for that type with the following pattern: <conceptTypeName>Maintain, <conceptTypeName>Modify, <conceptTypeName>Delete. This streamlines the process of managing access rights and ensures consistency across the system. Here's how it works:

...

  1. Navigate to Admin Area: Access the admin area of Smartfacts CDCM. (Cogwheel icon at the bottom left in the side menu)

  2. Select Roles & Permissions

  3. Choose an action

    1. Add a new role by clicking on the + Add Role button at the top right

    2. Edit a roles permission by selecting a role from the list

      1. Assign a permission by clicking on the + button in the list of unassigned permissions

      2. Unassign a permission by clicking on the - button in the list of assigned permissions

      3. Permissions can be filtered by access type, unit type and permission type

Example of a

...

Configuration

These are The following examples of scoped roles included in include the token provided by the Identitiy Provideridentitiy provider (=IDP). These examples where done with the default settings for Authorization customizationCustomization. For example the separator for the different parts of the token can be changed from the default which is a singe .

...