Privileges are maintained in System Setup: Privilege Rule tab in the User Group Editor.
For more information about Privileges Rules and the Privileges Rule Types, refer to Privilege Rules in the Users and Groups section of System Setup documentation here.
- In System Setup, open Users & Groups, and then click the relevant Group.
The Group appears in the Group Editor.
- Click the Privilege Rules tab.
- Click the relevant Privilege to be changed, right-click, and then click Edit Privilege Rule.
An Edit Privilege Rule dialog box appears.
- Make the relevant changes, and then click Save.
Edit Privilege Rule Options
|
Setting |
Description |
|---|---|
|
Object Creation |
When configuring user privileges, the Object Creation option allows an administrator to give specified access to a user who also has privileges to create new objects in STEP. More information about this option can be found in Object Creation Privileges
|
|
Apply to Node |
Select the allowed classification or product node for the group. This would include specific sub-nodes as well. If a specific Object type and node is selected, the Users in the Group can only access Objects within that selection. e.g., a specific Classification or Product node, or Products of a certain Object type. However, if a Product not included in the selection is linked to a Classification node to which the User has access, the User can access the Product, but not edit it.
|
|
Workflow state |
When you create a user privilege rule for a STEP Workflow state, the group will have that privilege for nodes in that particular state in the STEP Workflow. More information about this parameter can be found in Configuring Workflow Privileges
|
|
User Group |
Web UI user impersonation enables a privileged user to act as another user, but using their own password so that the impersonated user's password is not revealed. This is done through selecting a User Group. More information about this parameter can be found in Web UI User Impersonation
|
|
Action Set |
Select the permitted Action Sets for the Group. Remember to create Action Sets that are very specific to the privileges that you want the User Group to have. For more information about Action Sets, refer to About Action Sets in System Setup documentation
|
|
Attribute Group |
Optional. Select the permitted Attribute Group. Select if the Group should only be allowed to work with attributes in a specific Attribute Group. Note that if are attributes within a group that should not be valid for a User to have access to, a separate group should be maintained containing the attributes the Users should have access to. Consider creating attribute groups that will be used only for privileges and link allowable attributes into the user privilege groups, (approve, view and modify). Separate privilege rules can handle the Category Specific attribute group or sub-groups if they exist.
|
|
Valid for Object type |
Optional. Select the permitted Object type.
For more information about Object Types, refer to Object Types and Structures in System Setup documentation |
|
Apply to Group |
Select the User Group that the Privilege Rules should be applied to. This is usually not necessary if you are already on the group that you are applying Privilege Rules for. |
|
Dimensions |
Optional. Select the permitted Language or Country dimension. If a restriction to a dimension is required, you should know:
Note: The default of Any will allow the Group to work with all dimension points. For more information about Dimension Points, refer to the Contexts topic in the System Setup documentation
|
