I am newly exploring Project Administration module. How can the below use case be achived in Project Administration ?
There are two different non-dba groups/roles. G1/R1 and G2/R2
Users in G1/R1 have full access (read/write) to particular set of data.
Users in G2/R2 should be able to access some of this data only if the login with a Project. (as shown in image).
Solved! Go to Solution.
what is mean by perticular set of data? is it specific to Class or Type ?
and what is mean by some of the data?
Generally that perticular set of data will become the condition for ACL.
Suppose you want this Access for all Item & its subtypes.
You will select Access rule condtion as Has Class- Item
Then For Access control entry use Role in group --R1 in G1 give full access (Read, Write etc)
Then For giving access to those who have set project in session and that data belongs to that project then
use condition Current Project Team--%name of project% and give appropriate access
and of course the last condition for rest of the world-denying all access
Hope this helps
Particular data is just some items.
Access thing worked with your suggestions.
But now I can set only ONE project (the one specified in ACL) as the current project in User Settings. If I try to set any other project in User Settings, I get error "The instance is not loaded to modify. The given tag() does not exist or is not a persistent object tag".
Instead of Current Project Team you can use Project Team--%your project name%
and then even user don't have to assign the project in the current session.
It will check if the user is in the projects defined, and they you can provide the access to those users,
This will also help to reduce the efforts to change the project in the session.
Thanks again for your inputs.
Not sure why, but the current requirement is to have the project set as default project in the User Settings.
But using Current Project Teams (note the 's' at the end) instead of Current Project Team has satisfied this requirement.The advantage is that I must not specify any project in the 'ID of Accessor' column, so this ACL is not specific to a project and works for ANY project set as default user project.