ER/Studio - Embarcadero Technologies Product Documentation
ER/Studio - Embarcadero Technologies Product Documentation ER/Studio - Embarcadero Technologies Product Documentation
ADMINISTRATOR’S REFERENCE > ESTABLISHING SECURITY FOR THE REPOSITORY Creating and Managing Roles ER/Studio lets you create customized roles with different sets of permissions. Repository Object Type Permissions are pre-defined privileges to operate on Repository items. You can assign them to a role, which gives users assigned to that role, permission to perform certain Repository operations. You can use the many available privileges to create specific roles to suit your environment. For example, you can create and assign some roles like the following: • Repo Level Basic, which has all of the Repository level permissions, assigned to the target user at the Repository level. • Logical Only Modeling, which has all of the Diagram, Model, and Submodel level privileges that do not apply to the physical model, assigned to the target user at the diagram level for each diagram in the Repository or at least the ones that the target user is allowed to work on. With the above roles and assignment, when the target user adds the diagram, the user can check it out, but cannot modify it. To allow the user modify the logical model immediately after adding it, the Admin would have to apply the "Logical Only Modeling" role to the target user at the Repository level. NOTE: To access, create, update, and delete user information, a Repository administrator must have Repository Object Type Permission, Access Security Info and Update Security Info privileges. Create, Update, and Delete Roles 1 Click Repository > Security > Security Center. 2 Select the Manage Roles tab. 3 Click New. 4 Click an item in the Repository Object Type list and then in the Repository Object Type Permission area, assign the permissions you want to assign to the role for the selected object type. 5 Repeat step 4 for each Repository Object Type. 6 Click Apply and continue changing security settings and then when finished, click OK to exit the security center. 7 To apply the new role to exisitng users, see Assigning a Role to a User. 8 Inform affected users that they should log out of the Repository and then log in again to receive the security updates. Notes • Once created, the Administrator can select the role and update, delete or rename it at any time. Renaming the role does not affect the privileges users have, but if you delete a role users who had access to Repository items through that role, will no longer have access to those items. • Users cannot modify objects without the necessary permissions, regardless of whether the user has the objects checked out. • To facilitate immediate access to a newly added diagram (not projects) the Admin should set up privileges as follows: If a user gets a submodel and wants to add an entity, the user must have Create Entity permission in the model containing the submodel, as well as Add Member permission in that submodel. If the user deletes an entity, the user must have Remove Member permission in that submodel. In addition, if the user wants to select the "Delete From Model" check box, the user must have Delete Diagram Object permission in that model. • Once you delete a role from the Repository, it will no longer be in the database. • To access/create/update/delete user information, a Repository administrator needs to have the Access Security Info and Update Security Info Privileges applied to the Roles. • Before you delete a role, you must unlink any diagrams that are assigned to it and delete any users assigned to it. EMBARCADERO TECHNOLOGIES > ER/STUDIO® 8.0.3 USER GUIDE 330
ADMINISTRATOR’S REFERENCE > ESTABLISHING SECURITY FOR THE REPOSITORY • The following lists the Repository Object Types, the permissions you can grant, and the common operations these permissions give access to: Repository Object Types Repository Object Type Permissions Permitted Operations Repository Access Security Info Security Center: View settings Update Security Info Security Center: View and change settings Create Diagram Add Diagram Update Diagram Check Out Diagram, Check In Diagram Check Out Object(s), Check In Object(s) Undo Check Out Diagram, Undo Check Out Object(s) Redo Check Out Diagram, Redo Check Out Object(s) Delete Diagram Delete Diagram If you delete a diagram in Repository, the file itself remains on the local disk. Create Enterprise Dictionary Create Enterprise Dictionary Update Dictionary Check Out Data Dictionary, Check Out Dictionary Object(s), Check In Data Dictionary, Undo Check Out Data Dictionary, Redo Check Out Data Dictionary Create Project Create Project Delete Project: Delete Project Project Add Project Member Add Diagram to Project Remove Project Member Remove Diagram from Project Diagram Bind Enterprise Dictionary Create New Enterprise Data Dictionary, Bind Existing Enterprise Data Dictionary UnBind Enterprise Dictionary Remove Enterprise Data Dictionary Compare Models Run Compare/Merge Wizard Create Physical Model Create Physical Model Delete Physical Model Delete Model Set Named Release Set Named Release Delete Named Release Delete Named Release Rollback Diagram To Named Release Update Diagram Properties Rollback Diagram Edit Title Block Data, Edit Diagram Properties Create Data Flow Create New Data Flow on the Data Lineage tab Delete Data Flow Delete Data Flow from the Data Lineage tab EMBARCADERO TECHNOLOGIES > ER/STUDIO® 8.0.3 USER GUIDE 331
- Page 279 and 280: WORKING WITH THE REPOSITORY > WORKI
- Page 281 and 282: WORKING WITH THE REPOSITORY > WORKI
- Page 283 and 284: WORKING WITH THE REPOSITORY > WORKI
- Page 285 and 286: WORKING WITH THE REPOSITORY > WORKI
- Page 287 and 288: WORKING WITH THE REPOSITORY > WORKI
- Page 289 and 290: WORKING WITH THE REPOSITORY > WORKI
- Page 291 and 292: WORKING WITH THE REPOSITORY > WORKI
- Page 293 and 294: WORKING WITH THE REPOSITORY > WORKI
- Page 295 and 296: WORKING WITH THE REPOSITORY > WORKI
- Page 297 and 298: WORKING WITH THE REPOSITORY > CANCE
- Page 299 and 300: AUTOMATING ER/STUDIO > Related Topi
- Page 301 and 302: AUTOMATING ER/STUDIO > Object Model
- Page 303 and 304: AUTOMATING ER/STUDIO > Macros which
- Page 305 and 306: AUTOMATING ER/STUDIO > Meta Data Ma
- Page 307 and 308: AUTOMATING ER/STUDIO > • Definiti
- Page 309 and 310: AUTOMATING ER/STUDIO > Access ER/St
- Page 311 and 312: AUTOMATING ER/STUDIO > You can cust
- Page 313 and 314: AUTOMATING ER/STUDIO > The table be
- Page 315 and 316: AUTOMATING ER/STUDIO > Click the ?
- Page 317 and 318: Administrator’s Reference This se
- Page 319 and 320: ADMINISTRATOR’S REFERENCE > CONNE
- Page 321 and 322: ADMINISTRATOR’S REFERENCE > UNDER
- Page 323 and 324: ADMINISTRATOR’S REFERENCE > MANAG
- Page 325 and 326: ADMINISTRATOR’S REFERENCE > MANAG
- Page 327 and 328: ADMINISTRATOR’S REFERENCE > MANAG
- Page 329: ADMINISTRATOR’S REFERENCE > ESTAB
- Page 333 and 334: ADMINISTRATOR’S REFERENCE > ESTAB
- Page 335 and 336: ADMINISTRATOR’S REFERENCE > ESTAB
- Page 337 and 338: Tutorials The tutorials are intende
- Page 339 and 340: TUTORIALS > GETTING STARTED WITH ER
- Page 341 and 342: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 343 and 344: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 345 and 346: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 347 and 348: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 349 and 350: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 351 and 352: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 353 and 354: TUTORIALS > LOGICAL AND PHYSICAL MO
- Page 355 and 356: TUTORIALS > DOCUMENTING AN EXISTING
- Page 357 and 358: TUTORIALS > DOCUMENTING AN EXISTING
- Page 359 and 360: TUTORIALS > DOCUMENTING AN EXISTING
- Page 361 and 362: TUTORIALS > DOCUMENTING AN EXISTING
- Page 363 and 364: TUTORIALS > DOCUMENTING DATA LINEAG
- Page 365 and 366: TUTORIALS > DOCUMENTING DATA LINEAG
- Page 367 and 368: TUTORIALS > DOCUMENTING DATA LINEAG
- Page 369 and 370: TUTORIALS > DOCUMENTING DATA LINEAG
- Page 371 and 372: TUTORIALS > DOCUMENTING DATA LINEAG
- Page 373 and 374: TUTORIALS > DIAGRAM NAVIGATION AND
- Page 375 and 376: TUTORIALS > DIAGRAM NAVIGATION AND
- Page 377 and 378: TUTORIALS > IMPORTING AND EXPORTING
- Page 379 and 380: TUTORIALS > IMPORTING AND EXPORTING
ADMINISTRATOR’S REF<strong>ER</strong>ENCE > ESTABLISHING SECURITY FOR THE REPOSITORY<br />
Creating and Managing Roles<br />
<strong>ER</strong>/<strong>Studio</strong> lets you create customized roles with different sets of permissions. Repository Object Type Permissions are<br />
pre-defined privileges to operate on Repository items. You can assign them to a role, which gives users assigned to<br />
that role, permission to perform certain Repository operations. You can use the many available privileges to create<br />
specific roles to suit your environment.<br />
For example, you can create and assign some roles like the following:<br />
• Repo Level Basic, which has all of the Repository level permissions, assigned to the target user at the<br />
Repository level.<br />
• Logical Only Modeling, which has all of the Diagram, Model, and Submodel level privileges that do not apply to<br />
the physical model, assigned to the target user at the diagram level for each diagram in the Repository or at least<br />
the ones that the target user is allowed to work on.<br />
With the above roles and assignment, when the target user adds the diagram, the user can check it out, but cannot<br />
modify it. To allow the user modify the logical model immediately after adding it, the Admin would have to apply the<br />
"Logical Only Modeling" role to the target user at the Repository level.<br />
NOTE: To access, create, update, and delete user information, a Repository administrator must have<br />
Repository Object Type Permission, Access Security Info and Update Security Info privileges.<br />
Create, Update, and Delete Roles<br />
1 Click Repository > Security > Security Center.<br />
2 Select the Manage Roles tab.<br />
3 Click New.<br />
4 Click an item in the Repository Object Type list and then in the Repository Object Type Permission area,<br />
assign the permissions you want to assign to the role for the selected object type.<br />
5 Repeat step 4 for each Repository Object Type.<br />
6 Click Apply and continue changing security settings and then when finished, click OK to exit the security center.<br />
7 To apply the new role to exisitng users, see Assigning a Role to a User.<br />
8 Inform affected users that they should log out of the Repository and then log in again to receive the security<br />
updates.<br />
Notes<br />
• Once created, the Administrator can select the role and update, delete or rename it at any time. Renaming the<br />
role does not affect the privileges users have, but if you delete a role users who had access to Repository items<br />
through that role, will no longer have access to those items.<br />
• Users cannot modify objects without the necessary permissions, regardless of whether the user has the objects<br />
checked out.<br />
• To facilitate immediate access to a newly added diagram (not projects) the Admin should set up privileges as<br />
follows: If a user gets a submodel and wants to add an entity, the user must have Create Entity permission in the<br />
model containing the submodel, as well as Add Member permission in that submodel. If the user deletes an<br />
entity, the user must have Remove Member permission in that submodel. In addition, if the user wants to select<br />
the "Delete From Model" check box, the user must have Delete Diagram Object permission in that model.<br />
• Once you delete a role from the Repository, it will no longer be in the database.<br />
• To access/create/update/delete user information, a Repository administrator needs to have the Access Security<br />
Info and Update Security Info Privileges applied to the Roles.<br />
• Before you delete a role, you must unlink any diagrams that are assigned to it and delete any users assigned to it.<br />
EMBARCAD<strong>ER</strong>O TECHNOLOGIES > <strong>ER</strong>/STUDIO® 8.0.3 US<strong>ER</strong> GUIDE 330