cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get an answer that solved your problem? Please mark it as an Accepted Solution so others with the same problem can find the answer easily. X

Windchill Users can checkout, but not check in

Aaronm87
12-Amethyst

Windchill Users can checkout, but not check in

I have a context that I want in work WTobjects to have full control by designers, but released WTobjects to be restricted. When I add permissions to give WTobjects with an "in work" state, users in the designer role can check out but not check-in. If I right check permissions on the files, designers have full control but upon check-in get the error below. Any ideas on what would cause this?

 

"ATTENTION:  Secured Action. You do not have the necessary authorization for this operation. Contact your administrator if you believe you have received this message in error."

3 REPLIES 3
avillanueva
22-Sapphire I
(To:Aaronm87)

Wow, this like the anti-roach motel. Can you send the methodserver log for that access error?

Sounds like it might be an ACL problem. I believe the scenario you described would occur for CAD or WTDocuments (objects with files) if the Modify permission was granted but the Modify Content permission was missing. You can access the ACLs at the Site/Org/Product>Utilities>Policy Administration and here's the Access Permissions Help Documentation that describe the various permissions.

 

Here's a screenshot of our ACLs changed to use the more out of the box In Work and Released states.

 

lhoogeveen_1-1677854978034.png

 

Side note: The Set State permission on the Released row allows using Promotion Requests to get objects to Released (this is not obvious in the Help Documentation). Modify would allow using Promotions Requests but gives the undesired ability to checkout Released objects. We've disabled Set State transitions in the Lifecycle to prevent users from using the Set State command.

Double check that you don't have any "deny" ACLs assigned that might block access. If you have a deny set against Team Members, or perhaps All States, it might trump the access that you're trying to provision.

Top Tags