Definition of users and access rights

The term "definition of access rights" means definition of individual users' access to objects and applications in the system.

Terminology

User's access to individual objects of D2000 system is defined by assigning desired groups to particular user.

As one object may be included in several groups of objects, a situation when two or more groups of objects that contain the same objects will be assigned to user may occur. In this case, there is applied an approach with the highest priority. The order of priority (from the lowest to the highest) is Reading, Controlling, Modification and No access.

Example
Groups of objects Group1 and Group2 are defined. Group1 contains all bitmaps - [BITMAPS] and the group is assigned to user with Modify level of user access. Group2 contains, besides others, objects - bitmaps BOILER01.BMP and CONTAINER03.BMP and they are assigned to user with No access level of access rights. The situation implies that user might work with the objects BOILER01.BMP and CONTAINER03.BMP with Modify as well as No access level. No access level of access rights will be applied when making decisions about accessing those two files because it has higher priority than Modify level. It means that user can work with all bitmaps in the system except for BOILER01.BMP and CONTAINER03.BMP.

Implicit access to reference objects

If user has access to an object, after opening the object he / she automatically gets access (Read only level) to its referenced objects.

Example
User has the access to a picture, does not have access to objects linked to the picture. The access (Read) is granted after opening the picture. This implies that operator can see values of objects without any access rights to them.

To define users and their access rights use the process D2000 CNF.