PDXpert® on PDXpert on Google+

This topic is contained in the PDXpert help file: select Contents from the application's Help menu.

User roles & permissions

User accounts

Creating a person record (that is, a new member of the Persons collection) allows someone's name to be entered into a PDXpert item or to receive an email notification. For example, to add Tom Edison as a change workflow observer, his Persons collection record must be created before his name can be used. Although Tom may then receive observer emails, he would not be able to view the change inside PDXpert unless he also has been assigned a user account to open PDXpert.

A user account is assigned to a Persons collection record, and permits the account holder to access ("log into") PDXpert. A user account has two elements: an account (or "login") name and a password:

  • Account names can be any string of characters, such as some combination of the user's first and/or last names or employee number. An account user name is not case-sensitive.
  • Passwords are case-sensitive. Although a user account always has a password, administrators can allow blank passwords. A temporary password is usually assigned when a security account is first created, and users are expected to change their passwords immediately. After the account is created, system administrators can never view a user's password; if a password is forgotten, a system administrator can only clear it or assign a new one.

When a person's user account has been created, the administrator assigns a role to that user.

Full-function and read-only licenses

A full-function license permits the creation and modification of item records, approval of change forms, and the administration of collections in accordance with the role assigned to the user. A read-only license prevents the user from unlocking item windows, and therefore can't be used to create or edit items, add file attachments, or approve change forms. Viewing permissions are still regulated in accordance with the user's assigned role.

Roles

PDXpert is installed with a standard set of security roles that permit users to access information appropriate for their responsibilities. Access can be further tailored on a per-role, and new user roles can be defined with their own set of permissions.

Access can be quite specific: PDXpert defines various access rights to certain fields on each form, so some users can have full read/write access to some fields (for instance, cost data) while the fields may be read-only to other users. This is accomplished by assigning items to a product family, and then allowing or withholding permissions to users for that product family. Finally, even if users have access to an item, their access to attached files can be further restricted on a file-by-file basis.

Administrator

Administrators have the ability to create and delete user accounts, authorize group reviewers, manage collections, set system options and workflows, and make other changes to the system environment.

A role has administrator permissions when the Collections/Rules: Manage checkbox is marked in the related member of the Roles collection.

An administrator can also modify selected item attributes if the role allows access to those items and the Administrator override rule is marked.

Analyst

Analysts have overall responsibility for processing changes after they've been submitted. The analyst can edit various fields, modify any of the trustees' work, and route the change to the reviewing departments.

In addition to a system analyst, who can manage all item classes, there can be class-specific analysts:

  • Document analyst: This role is limited to act as trustee only for documents, and can only manage changes that affect documents.
  • Part analyst: This role is limited to act as trustee only for parts, and can only manage changes that affect parts.

Normal user

Normal users have free access to create new items, as well as create and edit change forms that can then be submitted for approval. If a normal user is an item trustee or an authorized reviewer, more permissions may be available.

  • Trustee: This is a self-assigned role; you have certain rights to modify, release or delete items that you've created.
  • Reviewer: As a reviewer, you're the department's representative in examining and approving change forms and their associated items.

Guest

Guests can view any item for which they have appropriate permission, but cannot make any database additions, changes, or deletions. Guests do not have permissions to view collection members.

A guest role is defined by clearing all Create new and Manage checkboxes on the Roles collection member window.

Product Families

While roles define broad categories of access, the Product Families collection allows you to tailor access much more narrowly.

Product Team

Users identified on a Product Families collection member's Product Team tab have permissions to modify specific item attributes even after an item has been released.

Denied Access

You can exclude a person, department, or organization from viewing items belonging to a particular product family, even if a role generally permits the user to view, create, or manage items. You can override this exclusion by explicitly adding the user to the Product Team. For instance, you can exclude the entire marketing department from viewing a new product design by listing that department on the Denied Access tab, but then allow the project's marketing manager to work on the project by adding that user to the Product Team tab.

Department's Authorized Reviewers

Department reviewers represent a department's interest in the contents of a change form. One reviewer from each required department must approve a change form before it can be released; a single reviewer who disapproves the change prevents it from being released.

Obviously, to fully represent a department, a reviewer must have full access to the items affected by the change form. Therefore, reviewers typically will have broad permissions to parts and documents, and must not be prevented from viewing items based on their product family.

Each time a change form is forwarded to another department during the approval process, the permissions of the department reviewers are checked. If there are no approvers with sufficient permissions, the change form is stopped until the problem is corrected. Once a replacement has been assigned appropriate permissions to manage the change form, the change workflow can be resumed.

1126

Help topics describe the most current PDXpert PLM software release, and may differ from earlier releases.