Access Control Security Permissions
In the Object Security Hierarchy, folder and/or document permissions can be set in ProjectWise Administrator for the datasource. Any folders, subfolders and documents created in ProjectWise Explorer, will inherit these permissions. At any level in the hierarchy new permissions can be set which the lower levels inherit.
As each new level is created it automatically inherits the permission set from the previous level. This permission set can then be edited and will become the objects own permission set.
Folder permissions
The following folder permissions can be given to a user for a particular folder, to specify what they may do to that folder.
Permission |
Effect |
Letter shown in audit trail comments, if permission is on |
---|---|---|
Full control |
Sets all other permissions except No access, giving the user total access to the folder, with all editing facilities. |
F |
Change permissions |
If on, the user can change their own or other users' permissions on this tab. |
P |
Create subfolders |
If on, the user can create subfolders under the selected folder. |
C |
Delete |
If on, the user can delete the selected folder. |
D |
Read |
If on, the user can see the folder and view its properties. A user can have Read access without Write access. |
r |
Write |
If on, the user can modify the folder properties. Setting Write access automatically sets Read access. |
w |
No access |
If on, the user will not be able to see or have any access to the folder. Setting on No Access clears all other permissions, thereby taking priority over all others. |
N |
Folder level document permissions
The following document permissions can be given to a user on a particular folder, to specify what they may do with documents in that folder:
Permission |
Effect |
Letter shown in audit trail comments, if permission is on |
---|---|---|
Full control |
Sets all other permissions except No access, giving the user total access to the documents in the folder, with all editing facilities. |
F |
Change permissions |
If on, the user can change their own or other users' permissions on this tab. |
P |
Create |
If on, the user can create documents in the selected folder. |
C |
Delete |
If on, the user can delete documents in the selected folder. |
D |
Read |
If on, the user can see documents in the selected folder, and view those documents' properties. A user can have Read access without Write access. |
r |
Write |
If on, the user can modify the properties of documents in the selected folder. Setting Write access automatically sets Read access. |
w |
Change Workflow State |
If on, the user can change the workflow state of documents in the selected folder. |
S |
File Read |
If on, the user can open files (attached to document in the folder) for viewing. Setting File Read access automatically sets (Document) Read access. A user can have File Read access without File Write access. |
R |
File Write |
If on, the user can open files (attached to documents in the folder) for editing. Setting File Write access automatically sets Read access and File Read access. |
W |
Free |
If on, the user can free documents in the selected folder that have been locked by another user (typically by a check out or an export). |
f |
No access |
If on, the user will not be able to see or have any access to documents in the folder. Setting No Access clears all other permissions, thereby taking priority over all others. |
N |
Individual document permissions
Documents in a folder will inherit their permissions from the document permissions set on the parent folder. You can override any of the following document permissions, at the document level:
Permission |
Effect |
Letter shown in Audit Trail, if permission is on |
---|---|---|
Full control |
Sets all other permissions except No access, giving the user total access to the selected document. |
F |
Change permissions |
If on, the user can change their own or other users' permissions for the selected document. |
P |
Delete |
If on, the user can delete the selected document. |
D |
Read |
If on, the user can see the selected document. A user can have Read access without Write access. |
r |
Write |
If on, the user can modify the properties of the selected document. Setting Write access automatically sets Read access. |
w |
Change Workflow State |
If on, the user can change the workflow state of the selected document. |
S |
File Read |
If on, the user can open the selected document's file for viewing. Setting File Read access automatically sets (Document) Read access. A user can have File Read access without File Write access. |
R |
File Write |
If on, the user can open the selected document's file for editing. Setting File Write access automatically sets Read access and File Read access. |
W |
Free |
If on, the user can free the selected document if is has been locked by another user (typically by a check out or an export). |
f |
No access |
If on, the user will not be able to see or have any access to the selected document. Setting No Access clears all other permissions, thereby taking priority over all others. |
N |
Security permission codes in audit trail comments
When user is directly assigned permissions to a document, folder, or work area, or their permissions for that item get changed, the changes get recorded in the item's audit trail (if your administrator has configured audit trail to record this type of action). Each security permission is represented in the audit trail by a single letter (upper or lowercase, depending on the permission). If the permission is on, then the letter displays; if the permission is off, a dash (-) displays.
For example, the user 'Mary' previously had Full control to a document, until her permissions got changed so that she now only has Read, Write, File Read, File Write permissions to the document. This change is recorded and reflected in the document's audit trail, in the Comments column. In the example below, the Comments column shows both the old and new permissions.