Every user with author permissions is normally allowed to create and change repository items, for example roles, applications, organisation units, etc.
If some or all repository item types are managed centrally or are imported from another tool, it might be useful to avoid a manual change or creation of new items (for example during the description of a sub process).
To achieve that only existing applications can be used in Symbio and no new ones can be created manually by regular authors, the following settings are necessary:
- Activate Feature: Permissions directly on process/object
- Activate Feature: Permissions for facets
- Create a permission set in the administration area -> "Permission sets":
- it needs only the settings "Show element" and "Open element"
- In the Administration area it is possible to set special facet permissions:
- Here you select the entry "ITArchitecture" from the list of facets and then select "Permissions" -> "Change permissions" in the drop-down menu.
- Following dialog is shown:
- Please set the Dropdown “Inherit permissions” to “Starting from default permissions”
- Select the permission for the majority of the users
- In the permission list below please create one new permission for the users who should be allowed to change the applications
- add the users who should be allowed to change items or create items. It is also possible to add a user group instead/additionally to single users.
- Press OK – this will take several minutes until the changes are done for all applications and all users in the database.
It is possible to add more users/remove users later in this dialog.
You can repeat this for every facet in the list, which should be restricted in the same way.
After applying the new permission successfully to the database, an excluded user does not have the possiblity to add items in the used facet (the button "New" is inactive):
Also, when editing a process, it is now only possible to select existing elements.