Skip to main content
17-Peridot
July 4, 2023
Solved

Data Access Control

  • July 4, 2023
  • 2 replies
  • 1297 views

Hi Everyone,

 

I have 50 products in Windchill, here we can take 2 products in that team members are totally different (for example user only on that product not on another product) user is using the search method to find all the data. but he doesn't have access to that product he can view it all. So my question is whoever doesn't have that product access they're not able to view the data. How we can do it.

 

Regards,

Amir

 

Best answer by HelesicPetr

Hi @Amirtharaj_K 

First you need to understand How ACLs Work

 

Then you need to understand OOTB ACL definition About Default Access Control Policy Rules

 

The ACL rule what I am talking about is defined on Organization-PDM level

HelesicPetr_0-1688460175845.png

 

You can just remove this rule and define on all subcontexts or you can remove it and test if it is ok for your access definition.

 

Try it on the test server and you'll see if it is ok for your needs or not. 

 

PetrH

 

2 replies

13-Aquamarine
July 4, 2023

Hi

 

I'm not entirely sure that I understand what you mean. Should users be able to see that data is present in contexts they do not have access to, but not be able to download content?

 

Please try to explain once more. 

 

In any case, if you can control access using groups instead of direct membership within contexts that will make access management easier for your admins. 

HelesicPetr
22-Sapphire II
July 4, 2023

Hi @Amirtharaj_K 

 

An ACL Definition and managing them is pain. . 

 

OOTB configuration is that user who is not part of product team, can not see data except Released one. 

The ACL definition for the object in the Released state is defined on the Organization level. 

 

If you do not want to allow others see data, then change that ACL rule on org level.

 

PetrH

17-Peridot
July 4, 2023

Thank you for the reply Mr. Petr,

can you give me one example like the screenshot or video for this? 

As per my understanding, create a group to control in ACL to set a deny in read. am I correct?

 

Thanks,

Amir

HelesicPetr
22-Sapphire II
July 4, 2023

Hi @Amirtharaj_K 

First you need to understand How ACLs Work

 

Then you need to understand OOTB ACL definition About Default Access Control Policy Rules

 

The ACL rule what I am talking about is defined on Organization-PDM level

HelesicPetr_0-1688460175845.png

 

You can just remove this rule and define on all subcontexts or you can remove it and test if it is ok for your access definition.

 

Try it on the test server and you'll see if it is ok for your needs or not. 

 

PetrH