Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Current »

The goal of this page is to provide general recommendations to admins on privileges that most end-users will need for working effectively with Syndeia Cloud. The sections on this page present the Global Privileges, Digital Thread Project Privileges, or their combinations that are needed for end-user capabilities.

Contents

Prerequisites

Syndeia provides extensive capabilities for user management, including Global Privileges and Digital Thread Project Privileges (NEW IN 3.6). These are described in details in the following pages of this guide.

Digital Thread Project Capabilities

End-user capabilities for Digital Thread Projects require a combination of Global Privileges and Digital Thread Project Privileges which are presented here.

(1) Digital Thread Project Authors - These users will be able to create/update Digital Thread Projects and their contents, including creating/updating/deleting relations, baselines, queries and collections, and others.

  • Global Permissions needed: REPOSITORY_CREATE, REPOSITORY_MODIFY, CONTAINER_CREATE, CONTAINER_MODIFY, TYPE_CREATE, TYPE_MODIFY, ARTIFACT_RELATION_WRITE, RESTFUL_WRITE, READ

  • Digital Thread Project Permissions needed:

    • If the Digital Thread Project is created by an author, they are automatically granted ALL permissions on that project, including PRIVILEGE_MANAGE which allows them to add other users (authors or reviewers) to that project.

    • If the Digital Thread Project was not created by an author, they must have the following permissions on that project: READ, RELATION_WRITE, QUERY_WRITE, BASELINE_WRITE

(2) Digital Thread Project Reviewers - These users will be able to review the content of Digital Thread Projects, including viewing all relations, navigating the digital thread explorer, viewing reports, viewing and comparing baselines, and running queries and collections.

  • Global Permission needed: READ

  • Digital Thread Project Permission needed: READ on each Digital Thread Project that these users will be reviewing.

Administrative Capabilities

(1) Global Graph Query Authors - These are advanced users who are authors/reviewers on multiple Digital Thread Projects but in addition have a business need to run graph queries queries across ALL Digital Thread Projects, including those for which they are NOT an author/reviewer.

  • Additional Global Permission needed: GRAPH_QUERY. Refer to details on the GRAPH_QUERY permission in the Global Privileges page.

(2) User Management with Global Privileges - These are administrators who will be performing all the basic user management functions (described in User Management - Basics) and assigning Global Permissions to users (described in Global Privileges). These administrators must be ONE OF the following.

  • Super User (super.user), OR

  • User with Admin role, OR

  • User with USER_READ, USER_CREATE, USER_MODIFY Global Permissions.

(3) User Management with Digital Thread Project Privileges - These are administrators who will assigning permissions on Digital Thread Projects to users. These administrators must be ONE of the following.

  • Super User (super.user), OR

  • User with PRIVILEGE_MANAGE permission on specific Digital Thread Projects where user privileges need to be added or modified.

  • No labels