Access Control
The Paladin® DesignBase™ release introduces facilities to manage which users have what level
of access to projects. The facilities are collectively referred to as “access control.” The access
control system provides for creating user identities, and assigning specific levels of privileges to
those users for individual projects.
IMPORTANT NOTE: Power Analytics Corporation’s software products are tools intended
to be used by trained professionals only. They are not substitutes for your professional
judgment or for independent verification and testing of results as they pertain to your
specific application. Use of all Power Analytics Corporation software products is governed
by the terms and conditions of the End-User License Agreement (“EULA”) you accepted
when purchasing and installing the software. You must comply with these terms and
conditions in applying the instructional material in this manual. If you do not have or are
unfamiliar with the contents of your EULA for this software, you should request, read, and
understand a copy of your EULA before proceeding.
The first requirement is to define user accounts. Some users may be designated as
Administrators. Administrators are users who have privileges to create new users and maintain
the DesignBase user database. Administrators can create additional administrators if they wish.
Administrators can also create general users (users who are not administrators). User accounts
must be created in the DesignBase user database before they can be given privileges to access
specific projects.
Remember that the first Administrator account is created when DesignBase is installed. See the
section on Installing DesignBase to review the process of creating the first Administrator.
Each user is assigned a password by the administrator that creates the user account. Naturally
the administrator must enter the appropriate password for the administrator account that is
performing user administration. As noted above, an initial administrator account will be created
when DesignBase is installed. The account name and the password for the initial Administrator
should be specified by the person installing DesignBase. That account can then be used to create
additional administrator accounts.
Each account has its own password, as specified by the administrator creating the account.
To enter the user administration process, select “Tools > Security > User Maintenance” from the
editor menu.
1
Access Control
You must first identify an administrator account and enter its password:
Once you have been validated as an authorized administrator, you may maintain the user
accounts.
You may select a user account from the drop-down list or enter the User ID.
2
Access Control
Main Screen for user administration
To create a new user account, click the “New User” button
You can specify the User ID, name, password, and user type. For example:
User
User
Click OK to enter the new user.
To select an existing user, click the dropdown arrow in the User ID field, select the user:
3
Access Control
User
Once a user account is selected, its values are displayed:
Click the Save button after making any changes. You can delete a user account by selecting the
account and clicking the “Delete User” button. Click “List Users” to display a list of users.
After user accounts are created, users can assign access levels to specific projects for specific
users.
When a user creates a new project (either with File > New or File > Save As), that user is
considered the manager of that new project. As part of the process of creating a new project, the
user creating the project must indicate if Access Control is to be enabled for the project. This is
done by specifying that passwords are required to use the project.
4
Access Control
Note that this is not the password for the project: it is the password for the user creating and
managing the project.
If “Password Required” is not specified, then access control is not enabled for the project, and
any user may use the project.
To be allowed to assign access levels to projects, the user must be a validated user. Thus, the
user must enter a password before that user can define access levels for a new project.
This means the user account must be created by an administrator before the user can assign
access privileges.
There are seven levels of privilege available levels for project access:
Manager, Librarian, Writer, Updater, Approver, Reader, None.
Any user can be assigned any access level to a project. The creator of the project is designated
as a Manager. Managers can specify other managers, or give lower levels of privilege to other
users.
Managers have full access to the project, including changing access levels for other users.
Librarians can read, write, modify, and delete data in the project, and can also add items to
project libraries.
Writers can read, write, modify, and delete data in the project, including adding new records to
the project.
Updaters can read, and modify data that already exists in the project, but cannot add new
records to the project.
Approvers can read data from the project and mark records as approved. They cannot add or
modify data in the project.
Readers can only read data from the project.
None means that the user cannot access the project.
Privilege levels may be specified for as many users as the project manager desires. These
privileges specify what access is permitted for the users, so the list of privileges is called the
Access Control list.
A manager of the project can choose “Tools > Security > Access Control Maintenance” from the
menu.
5
Access Control
The manager can select the entry for any user that has been entered into the access control list
from the following screen.
6
Access Control
This is done by clicking the drop down arrow in the “User ID” field and choosing a user ID from
the list as shown below.
When the ID is chosen, the current settings for that user are displayed.
The manager can:
Change the setting, then click on Save
Delete the entry by clicking the Delete button
Add a new entry to the list by clicking the Add button
Adding a new entry displays the following screen to be filled in:
7
Access Control
The Manager must specify the User ID and the highest access allowed for that user:
Once a project has had access controls specified, the user must specify a User ID and password
to gain access to the project. When a user attempts to open a project that has access controls,
this screen is shown, indicating the access level the user is permitted for that project:
The user must fill in the user’s password, and may indicate what level of access is requested. The
user may choose a level below the highest access permitted for that user for that project.
For example, a user with Writer access may select Reader access when opening the project. The
user must click the desired access level and click OK.
If a user with privileges below Writer attempts to create a new symbol, the following message is
displayed:
If Reader user attempts to write to a project, the request is refused and this screen is displayed:
8
Access Control
To summarize, these are the steps to use for access control,
1. An Administrator must create user accounts with Tools > Security > User Maintenance
2. A valid user creates a project and specifies that passwords are required for the project
3. The user creating the project becomes its manager
4. A project manager may specify what privileges are available to other users to use the project
with Tools > Security > Access Control Maintenance
5. When authorized users open a project, they must specify their User ID, password, and the
level of access requested. The access level requested cannot exceed their highest access
allowed, as specified by the project manager in the access control list
Power Analytics Corporation
10805 Rancho Bernardo Road, Suite 270
San Diego, California 92127
U.S.A.
U.S. Toll Free Phone: 800-362-0603
Fax: 858-675-9724
www.PowerAnalytics.com
©Copyright Power Analytics Corporation 2012
All rights reserved
