| Online Helps > Rule Team Server Online Help > Admin: Administer Your Projects > Groups |
Groups |
PREVIOUS NEXT |
Rule Team Server uses groups to determine which users can access which projects (see Setting Project Security) and what permissions (see Permissions) users have to create/update/view/delete the different element types and properties of rule projects.
Rule Team Server groups correspond to the roles defined in the application server.
All users that want to sign in to Rule Team Server must be a member of at least one of the following predefined groups:
Users belonging to the rtsUser group will have the basic Explore, Query, and Compose tabs available to them when they sign in to Rule Team Server. Users belonging to the rtsConfigManager group will also have the Configure tab available.
Similarly, users belonging to the rtsAdministrator group will have the Admin and Configure tabs available to them, as well as extra buttons in some of the toolbars (Manage Baselines, Release Locks, and so on) not available to users belonging to only the rtsConfigManager or rtsUser groups.
Administrators (that is, users belonging to the rtsAdministrator group) always have permission to create/update/view/delete all the different element types and properties of all rule projects.
Permissions for any other group must be set explicitly by the Administrator, as described in section Setting Permissions.
The predefined groups may be sufficient to handle all the security and permission requirements of your users, but this is not the recommended approach. It is preferable to define new groups that separate your users more finely, typically to take into account differences in business activity or hierarchy.
Since a user may belong to several groups, and all users belong to at least one of the predefined groups (typically, rtsUser) in order to have the tabs available, defining a permission management system for your Rule Team Server users normally involves removing project access to rtsUser in favor of the new groups. See tutorial Permissions Tutorial for an example.
| Note |
| If a user is part of more than one of the groups that can access a given project, Rule Team Server will merge the permissions and choose the less restrictive group in case of conflict. |
User groups are also used to set the Group property of project elements (see What are Properties).
When a project element is created, Rule Team Server sets the Group property of the new element to the user's group. If the user belongs to more than one group that has security access to the project, Rule Team Server selects the first group to which the user belongs from the list of groups that have access. Once set, the Group property can be modified by users that have permission to update this property. Typically this should only be done by the Administrator, as described in tutorial Permissions Tutorial.
| Copyright © 1987-2008 ILOG S.A. All rights reserved. Legal terms. Documentation homepage. | PREVIOUS NEXT |