Syndeia 3.6 Release, Part 2: Digital Thread Project Privileges

As part of the release of Syndeia 3.6, we are publishing a series of blog posts highlighting the new features supporting practical implementation of digital threads in system development.

In Part 1, we introduced the concept of Digital Thread Projects (DTP) and the three levels of security (Global, Repository and Project). The objective is that each user’s permissions can be narrowly tailored to let them do their job without giving them access or change authority they do not need.

In this post, we will consider what types of permission are available and how they are assigned. Authorization for API access to the underlying repositories is set by each repository administrator. This is not a Syndeia-specific topic but contact us at www.intercax.com/help if you have questions. Global and Project user permissions are controlled through Syndeia.

Figure 1 shows a user’s privileges at both the global and project level in Syndeia 3.6. This page is only available to the Syndeia Cloud administrator/super-user. Global privileges apply to all the projects the user may have access to, as well as the ability to create new repository connections, new DTPs, and new RESTful API queries.

Figure 1 Syndeia – Global User Permissions (visible to super-user only)

Project Privileges

Similar to global privileges, project privileges can be finely tailored to the individual users. There are five privileges that can be assigned

Read – view the project including relations and reports, run saved queries, and compare baselines.
Relation_Write – create and delete inter-model relations within the project.
Baseline_Write – add and delete new baselines for the project
Query_Write – create, edit and delete collections and queries saved as part of the project.
Privilege_Manage – add and delete users from the project and edit their permissions. Any user given this permission has the same privileges.

When a Syndeia Cloud user creates a new project (which requires the global privilege Container_Write), that user is automatically assigned all privileges for that project, including Privilege_Manage which allows them to add additional users to the project. Figure 2 shows the Settings tab for the Digital Thread Dashboard, where the current users are listed with their project privileges and can be added, edited and deleted. However, DTPs themselves can only be deleted at the super-user level to prevent users from deleting a major project, inadvertently or otherwise.

Figure 2 Digital Thread Project Privileges (visible to users with PRIVILEGE_MANAGE for project)

Future Posts in this Series

In Part 3 of the Syndeia 3.6 Release series, we will start to present the new project-specific reporting and analysis features in Syndeia 3.6 that provide a dramatic expansion of out-of-the-box capabilities in the Syndeia Web Browser. Later in the series, we will introduce the new integrations and new REST API endpoints in Syndeia 3.6.

Other parts in this series:

Dirk Zwemer

Dr. Dirk Zwemer (dirk.zwemer@intercax.com) is COO and Co-founder of Intercax LLC (Atlanta, GA), a supplier of MBE engineering software platforms like Syndeia and ParaMagic. He is an active teacher and consultant in the field and holds Level 4 Model Builder-Advanced certification as an OMG System Modeling Professional.