Community Tip - Need to share some code when posting a question or reply? Make sure to use the "Insert code sample" menu option. Learn more! X
To allow standardizing team member with limited read access at released and obsolete states, member role can be used to at the ORG level to allow more access to standardize create, modify, etc and pre-released states. Thus, you don't have to create ACLs at each sub context of library, product andproject. Generic roles for ACLs at organization level allows for a standardized method of administrating security.
Just a suggestion from the business best practices:
You would have to remove the Team Member access for less mature states. All roles in a team will be given the initial team member access.
And move the root access for ALL principals, All States, Full rights for to members role(s) only at org level
This is just the wrong location for workspace configspec ACLs. You don't want every user of WGM to see all the containers. Plus, they get confused where to check in because they will have access to create a workspace in any container. Most common error is that they will pick the first on the list by aphanumerical order.
I should have posted this long time ago. But, every customer is different and this is just at a high level. You can go into more details with more generic roles like WGM member, WTDOCUMENT type member, etc.
Best Regards,
Patrick