Set Initial Element Permissions

For projects that use element or attribute-level access control, the initial permissions for newly created elements are specified at the project-level. The Set Initial Element Permissions command opens a dialog allowing you to custom-define these settings for your project.

When an element is created, the creator of the element is granted full permissions to the element (read, write, delete, and administrator). Other users and groups are granted their specified permissions as defined in these initial element permissions. A user with administrator permission for the element can subsequently update the permissions for an element.

The permissions available are:

• Read - the user or group will be granted permission to read the element, its attributes, relationships, and structure. If permissions have been defined at the attribute level, the user can be denied read permission for specific attributes. In addition, although the user can see the list of all targets, if the user does not have read permission for the target element, a placeholder will be displayed in place of the target name.
• Write - the user or group will be granted permission to change the element, its attributes, relationships, and structure. If permissions have been defined at the attribute level, the user can be granted or denied write permission for specific attributes.
• Delete - the user or group may delete the element from the database.
• Administrator - the user or group may grant and restrict access to the element and, if permissions are defined at the attribute level, access to attributes.

All users and groups granted initial permissions will be shown in the multi-column list. To manipulate the permissions for a user or group, select the user/group in the list pane and check/uncheck the desired items. Users and groups not currently explicitly assigned permissions upon creation are shown in the list on the left. To grant permission to a new user or group, use the right arrow to transfer the user onto the permission list.

What permissions are required to set initial element permissions? To define the initial element permissions, you must have administrator permission for the project.

Tips and Tricks Following standard best practices regarding assigning permissions, it is far better to grant permissions to groups than to individual users. Over time, this approach proves far more manageable and scalable. As new team members are added to the project, they can simply be added to the appropriate group. As team members leave the project, they can be removed from the group. This is far simpler than changing permissions for individual users across the scope of a project.