Security access to different parts of the ATG Business Control Center can be managed at a high level through permissions that you set on the options that appear in the BCC Home page. All ATG Business Control Center users require several roles, as described earlier in this manual. You can use those roles to control whether specific options appear in the Operations list.
BCC Home page security is configured through <generic-activities> tags in XML definition files for each application that uses the ATG Business Control Center. The tags contain access control list (ACL) entries specifying the roles that can access each option in the Operations list. For detailed information, see Security Access for Generic Activity Items in the ATG Business Control Center in the ATG Content Administration Programming Guide.
By default, no security is configured for the Personalization items on the BCC Home page. Any internal user who has an ATG Portal role and an ATG Content Administration role, as described in Login Requirements, has access to the Users options and the Targeting and Segmentation option under the Personalization item. To restrict access to the Users options to people who are assigned the epubSuperAdmin role (for example), create a file with the following content and add it to your CONFIGPATH with the path atg/web/personalization/activity/genericActivities.xml:
<generic-activities xml-combine="append">
<activity>
<id>personalization.users</id>
<destination-page>
<acl>Profile$role$epubSuperAdmin:read;</acl>
</destination-page>
</activity>
</generic-activities>
Note also that some BCC Home page links cause the project creation page to be displayed. These links are visible if the user has permission to start the project workflow associated with the links.
