The highest level of access controls administrative access to the SCM-level objects. These objects are projects, repositories, users and user groups, and form types.
The access methods for these objects are as follows:
Defines who can grant access control for the following SCM-level objects: Admin Project, View Project, Admin Repository, View Repository, Admin User/Group, View User/Group, Admin Form Type, View Form Type. Having Secure SCM access does not imply being able to delete or edit SCM-level objects. Users with access to the secure method must explicitly give themselves access to other methods; they are not automatically available.
Defines who can create, delete, view, and set access to all projects and their aggregate objects (states, processes). For example, when a user creates a project, that user can give the ownership of the project to a user group at the object-level by assigning Secure Project access. This access also means that users can give themselves access to do anything in the projects they have created.
Defines who can view the properties of all projects inCA Harvest SCM. User groups with View Project access can also view the properties of all objects (states, processes, packages, package groups, and views) in the project.
View Project access does not prevent a user from being able to modify objects in the project. For example, a user with View Project access can have Update access to states in that project. In this case, the user can modify the state properties, but not the project properties.
In addition, lacking Admin Project access does not prevent a user from being able to modify a particular project. For example, a user with View Project access can have object-level Update access to a particular project. In this case, the user can modify the project properties and add, delete, and update the states and processes in that project.
Defines who can create, delete, view, and set access to all repositories and their aggregate objects (items and item paths). This access method implicitly grants view access to all items and item paths in all repositories.
Defines who can view all repositories inCA Harvest SCM. Users who have view access to a repository can see the properties of the repository and the items and item paths in it, provided that item/path view access is granted at the item/path level.
Defines who can create, delete, edit, and view users and user groups.
Defines who can see the properties of user and user group records. View access allows the user to see the information that shows in the object's properties dialog, but in a read-only mode.
Defines who can create, update, delete, and set access to form types. Users with Admin Form Type access can give themselves or others access to edit the form types they created.
Defines who can view the properties of all form types inCA Harvest SCM.
Lacking Admin Form Type access to an object does not prevent a user from being able to update forms. For example, a user with View Form Type access can update forms of that form type. In this case, the user can modify the form properties but not the form type properties. Although forms are not securable objects, their access is controlled by the packages they are associated with and package access is controlled by Update Package access at the state level.
|
Copyright © 2013 CA.
All rights reserved.
|
|