Agile Product Lifecycle Management ACS User Guide
Release 9.3.3
E39294-02

10 Security Considerations

This chapter provides the following information:

10.1 Content Transfer Order Originator Field

The Originator field on the Cover Page tab of a CTO is an important component of the security safeguards for CTOs. The roles and site assignments of the user who is specified in the Originator field are used to further define the data that is extracted. In ATOs, the roles used to extract data are defined in the subscriber. In contrast, for CTOs, the roles used to extract data are defined by the roles of the user specified in the Originator field.

For example, if the originator user does not have the necessary privileges to view items assigned to the Libra product line, when BOM items are extracted, any Libra product line items will not be extracted.

In a similar manner, if the originator user is not assigned to the Hong Kong site, Hong Kong BOM data will not be extracted, even if Hong Kong is selected in the Site column on the Destinations tab.

By default, when a CTO is created, the Originator field is populated with the name of the creator of the CTO. Using the Agile-supplied Content Manager role, the content manager user is able to select a different user in the Originator field and also release the CTO, thus publishing product content that the content manager cannot access. Before assigning the Content Manager role to users, determine whether this ability meets your company's needs.

If you do not want the originator of a CTO to publish data he cannot access, one way to prevent it is to modify the existing Content Manager role, or to create a similar role, so that it includes a Change Status privilege mask for CTOs with a criteria that forces the user who changes the status of a CTO to be the user whose name is in the Originator field of the CTO (Cover Page.Originator Equal to $USER). If you create and assign a role with this restricted privilege mask, the user listed in the Originator field of the CTO (by default, the creator of the CTO) must also be the user who changes the status and releases the CTO.

If you create additional roles and privilege masks for CTO objects, keep this powerful security feature in mind. If you allow a user to both modify the Originator field and release the CTO, this makes it possible for the creator of a CTO to specify a user with more powerful roles than the creator user has, which may violate your company's security objectives.
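The following Python sketch is an added illustration, not Agile PLM code or its API: it models how extraction follows the originator's roles and sites, how the `Cover Page.Originator Equal to $USER` criterion constrains Change Status, and how a review of released CTOs can flag releases that published content the releasing user cannot access. The class names, the `released_by` field, the user names, the Scorpio product line, the San Jose site and all sample rows are assumptions constructed for the example.

```python
from dataclasses import dataclass

# Constructed model and sample data for illustration; not Agile PLM objects or API.
@dataclass(frozen=True)
class User:
    product_lines: frozenset  # product lines the user's roles allow reading
    sites: frozenset          # sites the user is assigned to

@dataclass(frozen=True)
class CTO:
    number: str
    originator: str            # Cover Page.Originator
    released_by: str           # user who released the CTO (assumed field)
    selected_sites: frozenset  # Site column on the Destinations tab

def extractable(cto, users, bom):
    """Rows extracted for a CTO: limited by the originator's roles and sites."""
    o = users[cto.originator]
    return [r for r in bom
            if r["line"] in o.product_lines
            and r["site"] in o.sites and r["site"] in cto.selected_sites]

def may_change_status(actor, cto, restricted_mask):
    """restricted_mask models the criterion 'Cover Page.Originator Equal to $USER'."""
    return (not restricted_mask) or cto.originator == actor

def audit(ctos, users, bom):
    """Flag CTOs whose release published rows the releasing user cannot access."""
    findings = []
    for cto in ctos:
        rel = users[cto.released_by]
        beyond = [r["item"] for r in extractable(cto, users, bom)
                  if r["line"] not in rel.product_lines or r["site"] not in rel.sites]
        if beyond:
            findings.append((cto.number, cto.released_by, cto.originator, beyond))
    return findings

USERS = {
    "cm_user": User(frozenset({"Scorpio"}), frozenset({"San Jose"})),
    "eng_lead": User(frozenset({"Scorpio", "Libra"}), frozenset({"San Jose", "Hong Kong"})),
}
BOM = [
    {"item": "P001", "line": "Libra", "site": "Hong Kong"},
    {"item": "P002", "line": "Scorpio", "site": "San Jose"},
    {"item": "P003", "line": "Libra", "site": "San Jose"},
]
BOTH = frozenset({"San Jose", "Hong Kong"})
CTOS = [CTO("CTO-1", "cm_user", "cm_user", BOTH), CTO("CTO-2", "eng_lead", "cm_user", BOTH)]
```

In this sample, CTO-1 extracts only the row its originator can see even though Hong Kong is selected as a site, while CTO-2 is flagged because its releasing user differs from an originator with broader access.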

10.2 Using Agile PLM Roles to Define Destination-Specific Content in ATOs

When you define a subscriber, the roles you specify for each destination on the Subscriber Details tab (in conjunction with the specified Filters and Subscriber Sites settings for each destination) determine exactly what product content is extracted. The flexibility of Agile PLM roles, privilege masks, and criteria allows you to create, if needed, roles for each destination. Agile PLM Discovery and Read privilege masks determine which objects can be extracted. The Applied To property of these privilege masks determines which object tabs and fields can be extracted. You can specify individual fields in the Applied To property of the privilege mask, thus defining, field by field, the specific product content that can be extracted.

For more information about roles, privilege masks, and criteria, see the Agile PLM Administrator Guide.