Duplicated permissions across components
We are using multiple (say three) components in our project, each with one stream. Each component/stream defines a 'Requirement' artifact type, where the URI for each 'Requirement' is the same across each component.
When setting the 'Save Artifact' permissions for the 'Requirement' artifact, it appears three times in the list - one for each stream. I would have imagined that it would only appear once, as the URI is the same for all.
Am I doing something wrong? This seems to be an issue to me, when you have your system requirements broken down into a number of components, how are you supposed to manage artifact and attribute permissions efficiently?
|
2 answers
All companies I know aim for a common RM datamodel. Otherwise you would end up with a mess in LQE and with your overall reporting. But efficient sharing and maintenance of datamodel-specific permissions is not possible "by design" (133158: DNG Roles / Permissions incorrectly set if using customised process templates in Configuration Enabled Project Areas).
We expect that we will end up with several hundreds (maybe thousands) of streams in future. But we miss efficient maintenance of a common datamodel and datamodel-specific permissions. Inheritance of datamodel-specific permissions by "Process Sharing" does not work if PAs are configuration enabled.
I see two options how to deal with this issue:
- Avoid datamodel-specific permissions
- Custom Tooling/Scripting
I appreciate any additional idea or hint concerning this topic.
|
I believe this is working as designed so that you have the granularity to have different users working on the individual streams.
Comments
Harrison Vince
commented Nov 12 '19, 5:31 p.m.
Thanks Valerie, this is interesting. This means that, for stream level permissions, the same level of fidelity can be achieved with both roles and team areas:
Our database is quite large, do you know if there is a recommended approach to the best way of doing this?
Harrison Vince
commented Nov 12 '19, 5:32 p.m.
There is also the possibiltity of setting permissions at the team area level, which I havnt touched on here. |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.