As part of the release of Syndeia 3.6, we are publishing a series of blog posts highlighting the new features supporting practical implementation of digital threads in system development.
In Part 1, we introduced the concept of Digital Thread Projects (DTP) and the three levels of security (Global, Repository and Project). The objective is that each user’s permissions can be narrowly tailored to let them do their job without giving them access or change authority they do not need.
In this post, we will consider what types of permission are available and how they are assigned. Authorization for API access to the underlying repositories is set by each repository administrator. This is not a Syndeia-specific topic but contact us at www.intercax.com/help if you have questions. Global and Project user permissions are controlled through Syndeia.
Figure 1 shows a user’s privileges at both the global and project level in Syndeia 3.6. This page is only available to the Syndeia Cloud administrator/super-user. Global privileges apply to all the projects the user may have access to, as well as the ability to create new repository connections, new DTPs, and new RESTful API queries.
Project Privileges
Similar to global privileges, project privileges can be finely tailored to the individual users. There are five privileges that can be assigned
- Read – view the project including relations and reports, run saved queries, and compare baselines.
. - Relation_Write – create and delete inter-model relations within the project.
- Baseline_Write – add and delete new baselines for the project
- Query_Write – create, edit and delete collections and queries saved as part of the project.
- Privilege_Manage – add and delete users from the project and edit their permissions. Any user given this permission has the same privileges.
When a Syndeia Cloud user creates a new project (which requires the global privilege Container_Write), that user is automatically assigned all privileges for that project, including Privilege_Manage which allows them to add additional users to the project. Figure 2 shows the Settings tab for the Digital Thread Dashboard, where the current users are listed with their project privileges and can be added, edited and deleted. However, DTPs themselves can only be deleted at the super-user level to prevent users from deleting a major project, inadvertently or otherwise.
Future Posts in this Series
In Part 3 of the Syndeia 3.6 Release series, we will start to present the new project-specific reporting and analysis features in Syndeia 3.6 that provide a dramatic expansion of out-of-the-box capabilities in the Syndeia Web Browser. Later in the series, we will introduce the new integrations and new REST API endpoints in Syndeia 3.6.
Other parts in this series:
- Syndeia 3.6 Release, Part 1: Digital Thread Project Security
- Syndeia 3.6 Release, Part 2: Digital Thread Project Privileges (This Post)