I've run into a behavior that is counter-intuitive in how Access Control Rules are applied in Windchill and would like to hear what others have done to solve this issue.
Namely: in our life cycle template I have an Obsolete state. Our users do a Set State to Obsolete for files that are no longer needed. In the access control rules, I want to prevent users from Adding to Workspace (Download permission) and continuing to use any files that are in the Obsolete state but I do want them to be able to Read the meta-data. However, when I Deny download permissions for the EPMDocument type it doesn't apply somehow and all users can still Add to Workspace and use Obsoleted parts.
So my choice is to either deny Read (and therefore Download) or allow both. At the moment, I deny Read. This makes it impossible to Obsolete a part and allow the users to see the meta data with a note in the version comments on what's replacing it.
PTC claims that the Read (without Download) only impacts WTParts and doesn't apply to EPMDocuments even though that's exactly how the rule is setup (Deny Download).
How have others approached obsoleting EPMDocuments?