Skip to end of metadata
Go to start of metadata

Purpose

 Introduce the access control context.

Overview

 An area whose business objects can only be accessed by users with the appropriate context roles.

Access control management (ACM) for PLM business objects, controls access authorizations provided by access control contexts (ACCs) and access control lists (ACLs). Access control contexts provide an access-controlling mechanism based on context roles. For more information, see Administration of Context Roles.

Administrators of a context assign specific activities for business objects to users, for example, create documents or change materials. The activities are bundled in context roles. Only users assigned to the appropriate context roles can perform the activities specified for the business objects.

User with ACM administrative roles have following privileges:

-You can transfer the ownership of objects from an access control context to an other context or assign objects to other contexts.

-You can lend the objects to other contexts.

-You can display and analyze access authorizations of other users.

-You can administer context roles. These context roles grant users who are assigned to them access authorizations for contexts and their objects.

-You can add users to user groups. These user groups help in managing authorizations in bulk when you use them with context roles. On the user group screens, you can create, display, change, and delete user groups.

-The system writes change documents when you change authorizations granted by ACCs or ACLs.

-You can control access to a set of objects by assigning them to access control contexts. On the access control context screens, you can create, display, change, and delete access control contexts.

-You can maintain exceptions to access authorizations at the level of individual objects by using access control lists. On the object screens, you can create, display, change, and delete ACLs.

-Before giving access to a selected object, the system can take authorizations granted by ACCs and ACLs into account.

-You can archive authorizations granted by ACCs and ACLs.

Related Content

Related Documents

Related SAP Notes/KBAs

  • No labels