Plugin: Site Directory Element Browsers Module
Role management is an important step setting up a new activity within the CDP™. A role is a tool to customize the experience a user has while working with the CDP™. A role is a description of the rights and permissions a user has while using the CDP™. A role can be finely tuned in the form of permissions for a role by setting the required access rights on the available ClassKinds as defined in the data model of ECSS-E-TM-10-25 Annex A. This section gives a background description of the purpose of roles in the CDP™.
The usage of the CDP™ can be customized by defining roles. These will need to be assigned to a specific user, providing him with a role combination that will allow access to the CDP™ and determine possible actions a user can perform. These can reflect a user's role in the actual organization, but this is not compulsory.
The roles exist at two levels:
This split of Person and Participant Roles allows to have more flexibility and better control of access rights, allowed actions, and accessibility.
In the definition of the roles an indication can already be present implicitly of the permissions that will be attributed to it. These permission set for a role determine the availability of CDP™ browsers and allowed actions in these browsers. Editing rights can then be granted separately for each ClassKind to create a specific permission. Also for the applicable ClassKinds there is a distinction between two levels:
Site Directory level
Assigned to the Person Roles and applicable for concepts that are handled at the CDP™ level or Site Directory level
Assigned to the Participant Roles and applicable for concepts that are handled within the context of a specific CDP™ Activity, i.e. an engineering model
Note that setting up the roles and permissions is not straightforward and requires background knowledge of the ECSS-E-TM-10-25 draft open standard due to the relations and required interactions between the various concepts. It is advisable to have the role management available for a limited group of users only. Once the setup of roles has been properly done and fine-tuned, it will not often be required to update or edit these however.
A user can have only one Person Role, that needs to be assigned when the user is created; for details see the sections on managing person roles and on users in managing persons. This role assignment can be edited if needed.
Within the context of a CDP™ activity, a user needs to be assigned to a Participant Role. To be able to actually log in to a CDP™ activity, i.e. into an engineering model, a user needs to be assigned to this engineering model as a participant first; for this, see the description on how to create a team. For details on participant roles, see the section on managing participant roles and typical role setup.
Last modified 1 year ago.