Setting permissions and access in DOORs

Hi All,

 

I know DOORS have user types and specific powers assigned to user types. Can we set specific permissions in DOORs for creating Attributes or creating objects for a particular user.

 

I have the following scenario:

 

My requirement is, user should never be able to create attributes but should be able to create objects in DOORs Modules.

 

Can the above be achieved?

 

Thank you,

Kunal


Kunal Nigade - Mon May 16 01:55:13 EDT 2016

Re: Setting permissions and access in DOORs
PekkaMakinen - Mon May 16 05:31:04 EDT 2016

"user should never be able to create attributes but should be able to create objects in DOORs Modules."

Can be done if you use a fixed form module template.

First set the default access right to the module for the specific user to be read only -> no create or modify rights at all. After that set specific access right to the current objects in the module or template, e.g. RC (read and create) and use propagation to give modify (M) or even delete (D) rights to the user (see http://www.ibm.com/support/knowledgecenter/SSYQBZ_9.5.0/com.ibm.doors.requirements.doc/topics/c_propagate.html).

Re: Setting permissions and access in DOORs
Mike.Scharnow - Mon May 16 05:41:49 EDT 2016

PekkaMakinen - Mon May 16 05:31:04 EDT 2016

"user should never be able to create attributes but should be able to create objects in DOORs Modules."

Can be done if you use a fixed form module template.

First set the default access right to the module for the specific user to be read only -> no create or modify rights at all. After that set specific access right to the current objects in the module or template, e.g. RC (read and create) and use propagation to give modify (M) or even delete (D) rights to the user (see http://www.ibm.com/support/knowledgecenter/SSYQBZ_9.5.0/com.ibm.doors.requirements.doc/topics/c_propagate.html).

Pekka: If I understand you correctly, with your approach your user will only be able to create objects below the top level objects.

Example:

Module Structure:

Heading 1

--Heading 1.1

----Req MOD-5

Heading 2

 

You can set RC propagate M on Heading 1 and Heading 2, and the user will be able to create e.g. Heading 1.2 and modify Heading 1.1 and REQ MOD-5.

But there is no chance to allow the user to create a new Heading 3. Is this correct or did I miss something? Is this what you mean by "fixed form module template"?

Regards,
Mike

Re: Setting permissions and access in DOORs
PekkaMakinen - Mon May 16 05:46:18 EDT 2016

Mike.Scharnow - Mon May 16 05:41:49 EDT 2016

Pekka: If I understand you correctly, with your approach your user will only be able to create objects below the top level objects.

Example:

Module Structure:

Heading 1

--Heading 1.1

----Req MOD-5

Heading 2

 

You can set RC propagate M on Heading 1 and Heading 2, and the user will be able to create e.g. Heading 1.2 and modify Heading 1.1 and REQ MOD-5.

But there is no chance to allow the user to create a new Heading 3. Is this correct or did I miss something? Is this what you mean by "fixed form module template"?

Regards,
Mike

Yes, the user can not create Level 1 objects, e.g. Heading 3 in your example. And for that reason at least the upper level heading structure is fixed, they have to be created by some DOORS admin but the user cannot modify the structure.

Re: Setting permissions and access in DOORs
Kunal Nigade - Mon May 16 08:21:01 EDT 2016

PekkaMakinen - Mon May 16 05:46:18 EDT 2016

Yes, the user can not create Level 1 objects, e.g. Heading 3 in your example. And for that reason at least the upper level heading structure is fixed, they have to be created by some DOORS admin but the user cannot modify the structure.

What if I want the user be able to create Level 1 objects, e.g Heading 3 in your example. Is this possible at same time user should be restricted from creating Attributes.

 

Thank you,

Kunal.

Re: Setting permissions and access in DOORs
PekkaMakinen - Mon May 16 08:24:56 EDT 2016

Kunal Nigade - Mon May 16 08:21:01 EDT 2016

What if I want the user be able to create Level 1 objects, e.g Heading 3 in your example. Is this possible at same time user should be restricted from creating Attributes.

 

Thank you,

Kunal.

Not possible, attributes and Level 1 objects are both kind of root level items in a module.

Re: Setting permissions and access in DOORs
Mike.Scharnow - Mon May 16 10:54:48 EDT 2016

Just as an idea:

We had the same requirement for one of our projects.

The final concept was such:

- create a "database" which contains the allowed structure of a DOORS DB, e.g. by using template modules and creating references

- every night, a script runs which checks whether all attributes in all DOORS modules are allowed

- if not, it removes the access rights for the users to modify the attribute definition and the attribute value and notifies the administrator team

- the next day, the admin can contact the project team and discuss with them why they need such and such an attribute. It is then decided whether the attribute will be added to the list of allowed attributes and access rights are given back to the users to modify the attribute value or whether the new attribute will be removed from the module again.

- of course, the project team should contact the administrators before they create a module and start the discussion before actual modifications are done

 

As you can guess, this concept was not written and implemented in one day  :-)

 

Regards,
Mike