Key principles
Access rules control the actions available to different users on each type of object (documents, parts, products, etc). They complement the limitations defined by :
user roles (admin, manager, viewer, shared)
the object distribution scope (site)
Access rules provide with 4 levels of rights:
View without download: the document can be viewed in the application, but not downloaded to the user's computer
View: the document can be opened in the browser and downloaded, but not modified
Modification: document can be opened, modified and signed, but Draft revisions cannot be validated
Full access: all rights
Access rules are permissive: they allow you to grant rights, but not to prohibit actions. They have the following structure:
A users' group, determined by one or several criterias (ie: site, role)
Are granted access rights
On a set of documents, determined by criteria on their properties
See an example below :
rule 1 says that all users can visualize all documents
rule 2 enable managers to "modify" some documents
How to create an access rule
To create a new access rule:
Go to Administration tab
Open the Access rules tab
Select the type of object to be covered by the rule (i.e: document, CAD)
Click on New rule
In the tab that opens, name the rule to be created
Choose the criteria for defining a user group (ie : site or role)
Choose the rights to be given to these users
Select criteria to define a document group (ie : type)
Click on Create