cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - When posting, your subject should be specific and summarize your question. Here are some additional tips on asking a great question. X

Inclusion of IM Dynamic Group functionality into IM Project

Neeraj_Jain
10-Marble

Inclusion of IM Dynamic Group functionality into IM Project

IM Dynamic Group functionality basically defines and affects the IM Project and access control definition to all Items created within that project.

How about listing all the dynamic groups at Project creation/update wizard itself so that correspending Project Adminstrator can update the information & memebership of relevant project at same place.

 

I feel this way we can also define the Project permission (Project access scope) based on the dynamic group membership.

Currently, Project Permission (tab) allows only STATIC GROUP which I feel is not ideal. Sometimes, you really want to expose Project & Project data to only to specific bunch of users and not entire static group members.

 

Pl comment with your suggestions/opinions on this.

 

You can follow the same idea I had posted on PTC Community in below link:

https://community.ptc.com/t5/Integrity-Ideas/Inclusion-of-IM-Dynamic-Group-functionality-into-IM-Project/idi-p/491439/jump-to/first-unread-message

 

 

Thanks,
Neeraj Jain

4 REPLIES 4
witc
2-Explorer
(To:Neeraj_Jain)

Indeed a great idea. Completely agree with you .

Hello Neeraj,

 

In Integrity, 2 group types serve a specific purpose:

 

a) Static Groups (known as IM Groups, Access Groups) = Grant Access to Projects

b) Dynamic Groups (Project specific, known as Roles) = Granting additional Rights within the Projects.

 

For each area in your project structure you will usually define an Access Group. If a user is part of this acces group, he will be allowed to see the data in it. Editability, State changes, Data visibility will be managed by dynamic groups.

 

If you want to add a user temporarely (dynamically) to a project, you will put him into the corresponding Access group (Static group). To remove access rights, you remove him again.

 

As long as you have defined such a structure you don't need to have dynamic groups to manage access as well.

Hope this helps and clarifies.

Volker

 

Hi Volker,

 

Thank you for your response.

 

The problem with Static group is it grants access to users who are not intended to access the projects.

 

For e.g. Consider a static group named 'Test Engineer' with members, tester1, tester2 & tester3

   For Project A, tester1 & tester2 are responsible
   For Project B, tester2 & tester3 are responsible

So, permitting static group here will provide unauthorized access to tester3 for ProjectA & tester1 for ProjectB

 

Dynamic group absolutely solves this mess but it would be nicer if they are located at Project wizard in some tab maybe.

JensN.
14-Alexandrite
(To:VolkerEckardt)

Hi Volker,

 

thanks for the explanation. in our environment we also encounter problems with the suit of permissions, if we have assigned them via dynamic groups. And we did this because changing a static group can only be done by administrators with a higher rating than changing dynamic groups.

And by the way: it seems that static groups are more dynamic than dynamic groups after your explanation;)

 

kind regards, Jens

Announcements


Top Tags