Permission List, Tree-Based Security
Three factors determine access to data in permission list, tree-based security:
-
Permission list—defining access to folders and content references in portal navigation.
-
Tree-based—defining access to projects based on their inclusion in, and position on, a tree.
-
Project security profile—defining the degree of project data access and the access type.
Users with access to a permission list can access projects that belong to a tree that is attached to that permission list. All users with the same row security permission list have the same project access when you use permission list-level security. You can assign only one security profile to the permission list for each project. The degree of access to project data and the access type are defined by either the security profile that is assigned to a project on the tree, or the security profile for the parent project. You can attach a project tree to more than one permission list.
Restricting and Allowing Access to Child Projects
When security is defined for a parent project, all child projects inherit the same permission as the parent.
To restrict access to a parent project, but allow access to specific child projects:
-
Select a project security profile that has No Access to the project for the parent project.
-
Select a project security profile that has Read/Write or Read only access to the project for each child project.
To allow access to a parent project, but restrict access to specific child projects:
-
Select a project security profile that has Read/Write or Read only access to the project for the parent project.
-
Select a project security profile that has No Access to the project for each child project.
Note:
The default security for new trees is No Access. Therefore, you must set up project tree security to provide access to any trees. To implement minimal security, grant access to the top node on each tree that you create so that the nodes beneath it are accessible.