Resource security allows you to restrict a user's ability to access resources. Restricted resource access means that a user has access to a parts of the resource hierarchy only. Privileges that control the resource hierarchy (add/edit/delete resource) still apply but only to those resources that the user has access to.
Resource access types
- Access to all resources
If the User.AllResourceAccessFlag is True, the user has access to all resources and resource security does not apply.
- Restricted access to resources
If the User.AllResourceAccessFlag is False, the user has limited access to resources.
If the user is assigned to resources in the hierarchy, that user has access to the assigned resource and all their children. You can assign up to five resources to a user.
- If the user is not assigned to any resource in the hierarchy, that user does not have access to any resources.
Note: Admin Superusers always have access to all resources.
Accessing resources assigned to a project
If a user can access a project, that user is able to see all resources assigned to that project (activity, issue, risk, WBS) even if they are outside the user's resource access nodes. The user can then reassign these resources anywhere, but will only be able to edit those that are under the user's resource access nodes. For more information on the resource security feature, refer to the P6 help (if using the P6 Integration API) or the P6 Professional help (if using the P6 Professional API).
The API implementation of resource security
Use the ResourceAccess business object to implement and maintain resource access in the API.
When importing resources using the API as a user with restricted resource access, import the resources to the first resource node that the user has access to, and into the highest resource node that the user has access to.
For example, in the structure below, if the user has access to the nodes Purchasing, Operations, ProductOps, CharlesM and Tom Hart, the user also has access to all the child resources of those nodes. When importing resources, if the user does not specify which branch to import the users into, import the resources under the Purchasing node.
For details on specific methods, refer to the JavaDoc.
Note: This note applies if you are using the P6 Integration API: On the P6 Users page, users are filtered based on your resource access settings. As an exception, Admin Superusers will always see all users. In the API, all users are loaded but the ability to modify a user's resource access settings is determined by your resource access settings. If the user is associated to a resource that is outside your resource access, you cannot change that user's resource access settings.