This lesson describes how to define access rights to folders, diagrams, the dictionary, and dictionary categories. It also shows how to assign access rights to users and user groups. Click each tab below to begin.
Managing Users Access Rights
Let's take a look at some practical examples on access rights based on folder structure and user groups. It's best to first decide on the folder structure before you begin to manage users and their access rights.
Choosing the right structure
Using the right folder structure is one of the key elements to store and navigate quickly to the diagrams in a workspace. Additionally, the access rights for users and groups will be assigned on a folder level which shows how important folder structure is to supporting employee performance.
- END-TO-END STRUCTURE - If the company processes are aligned on end-to-end views, it makes sense to use the same approach for folder structures.
- FUNCTIONAL STRUCTURE - A traditional approach is the functional folder structure. This makes it easier to place and find processes based on their function. HintIf the same processes are used in different departments, it’s recommended to create dedicated folders like "re-usable sub processes" in order to find and re-use them quickly.
- PROCESS STRUCTURE - You can organize your folders based on the specific process. This structure is quite common and a good way to structure processes so they can be easily found by all modelers. HintIn the shown example, there is also an additional folder level to distinguish public and sensitive processes. In this situation, it helps to set the access rights after so you have more flexibility to change these rights for sensitive processes.
Best Practices for Managing User Groups
When dealing with a large number of users, the provided user group functionality allows you to manage access rights easily.
With groups, you can:
- Effectively manage a large number of users
- Define their access rights by creating a group for each organizational role
- Set up a group hierarchy
This simplifies assigning access rights and feature sets to users. You can also grant both groups and users access to read, edit, delete, and publish diagrams on a folder-level.
Take a look at the groups' access rights below.
Both modeler groups are part of the group 'All Modelers' and have reading access to all folders and processes. Group A has an additional access right to edit processes in the public process folder, whereas the sensitive processes can only be edited by Group B.
Watch the video below to see how to grant folder access.
When you grant access to a folder, users have access to the complete folder. Another possible approach is to limit the access to specific folder content.
Watch the video below to see how to limit access to specific content. This video has no audio.
Best Practice: Sandbox Setup
Setting up a sandbox allows you to keep an organized and productive environment while still allowing multiple users to provide input. The sandbox approach can be used for both the dictionary and process repository. The steps for creating sandboxes in the dictionary are:
- Create a sub category for a dictionary category (e.g. Sandbox Documents)
- In the user management tab, grant all users access to provide input
- Restrict access to the parent category, e.g. only give your process management team access to this
Do the same for folders to create a playground for your modelers or to enable Collaboration Hub users to create quick model processes as well.
Recommendation: A dedicated team with global access rights should go over the sandboxes periodically to transfer the approved content to the parent folder or category.
Watch the video below to see an example how to set up your sandbox.
Access Rights for Diagrams and Folders
Below are the available access rights you can give to your users and groups. Click through each of them to learn more.