Once a library is created, the access rights to it can be set. This is administered via Manage Libraries


Prerequisites

  • You must have "Change" rights to the library in order to make changes to access rights.



The access control list is displayed in the Access Rights section, as shown above, and lists the user groups and individual users who have access to the items in the selected library as well as what type of access they have. 


Group entries do not display a Name value.

An icon indicates that you are included as user or member of the group.


To begin with, a library always has an owner and the owner is displayed in the Properties section at the top: 



It can be changed by a user who has Change rights by clicking on the Change button and selecting the new owner. 


Access Right Options

The following access rights to libraries are available:


Read

Access to read items (e.g., description, parts and other item properties) in the library, including sub-libraries that are inheriting from the library.


Note: For read constraints to be effective, the security level of the server must be set accordingly on the Security tab by an Architect in swAdmin2.


Write

Users can change the name and description of the library, create sub-libraries, and add or move items or sub-libraries to the library. 


Note: Write access alone does not provide the right to modify items in the library. To be able to both add and edit items in a library, a user needs both Write and Items Write access rights to the library. This applies regardless if the user is the owner of the library or of the item.


Change

Users can change user/group access rights to the library and move the library to another location in the library structure. Moving an item to a new library requires Items Change rights for the original library and Write rights to the destination library. However, if the user does not have Item Change rights to the destination library, the user will lose Change rights, and will not be able to move the item again (provided the user is not also the owner of the item).


Note: The Owner of the library always has Change rights regardless of what access rights are selected for the owner.


Items Write

Users have rights to edit any item in the library, e.g., edit item description, attributes, and add parts. Items Write access alone does not allow a user to add items to a library.


Items Change

Users can move items from the library. This access also allows the user to change the Status of items in the library, i.e., use the Delete, Thaw, Freeze and Release operations. The Owner of the library always has implicit Items Change rights.


The below table shows whether or not you can perform the operation if your sole access right to the library is that noted at the top of the column. "Source" vs "target", indicates where you have that right, i.e., in the source library where you are moving the item or library from, or the target library where you are moving the item or library to. 


Note: Any rights assigned to an individual user will override those gained from being a member of a Group.




ReadWriteChangeItems WriteItems Change
Item rightsRead an itemYes
YesYesYes
Yes
Add a new item
NoYesNoNo
No
Edit an item
No
No
No
YesNo
Change item status
No
YesNo
No
Yes
Change Version info or Version text (Change log)No
No
No
No

Yes
Change item ownerNo
No
No
No
Yes
Move an item - source libraryNoNo
NoNoYes
Move an item - target library
NoYesNoNoNo
Library rightsChange the name and description of the library
No
YesNoNoNo
Move a sub-library - source libraryNoNoYesNoNo
Move a sub-library - target libraryNoYesNoNoNo
Create a sub-libraryNoYesNoNoNo
Remove a sub-libraryNoNoYesNoNo
Change user/group access rights to library
NoNoYesNoNo

Inherit Access Rights From Parent Library

As described in Managing Libraries, libraries can be created within libraries. By checking the Access Is Inherited checkbox when viewing a sub-library, any rights settings in the parent library of the selected library are inherited to the selected library. If this option is used, all user and group access rights to the parent library will be inherited/applied to the selected sub-library as-is. That is, you cannot make any modifications to the inherited access rights. Aside from any inherited access rights, additional user and/or group access rights to the sub-library can be set up and they will be maintained. In other words, a library can have a combination of inherited and non-inherited access rights. The Access Is Inherited option is default for new libraries and must be actively deselected if it is not desired. In the screenshot at the beginning of this article, the Functional Design library inherits the access rights set for its parent - SystemWeaver Library.


Note: Remember, you cannot change any inherited access rights. If you want to modify such rights, you must remove the inheritance by deselecting the Access Is Inherited option described above. Once you deselect the option, all entries previously inherited will remain in the current library and can be modified or removed.


Applying Inherited Access to Sub-libraries

The security setting of a library includes the option to apply inheritance to sub-libraries. When the Apply Inherited Access to all sub-libraries option is checked, the security settings will also be applied to the entire substructure. The operation only needs to be performed once since the inheritance option is stored for each library. The operation requires Change rights to the library where the operation is performed. The owner has the right to apply inherited rights to all sub-libraries. In the below example, this option was selected for the Test 0 library. All access rights to Test 0 are now also applied to Test 1 and Test 2 sub-libraries. This is indicated by the Access Is Inherited box at each sub-level. 



Adding Access Rights for a User

  1. Select the library you want to give access rights to and click Add user.... The Select User(s) dialog displays.
  2. Select the user or (or multi-select users) and click OK. Alternatively, you can double-click a user entry to add it. The user will display in the access control list. 

  3. Checkmark the access rights to assign to the user. In the below example, the individual user John Doe is being given Write rights and the Testers group will have Write and Change rights.

  4. Click Apply changes.


If you do not click Apply changes, your changes will not save!


Adding Access Rights for a Group

The most practical way to assign access rights, especially for large systems, is to use groups.

  1. Select the library you want to give access rights to and click Add group.... The Select groups dialog displays.
  2. Select the group you want to add in the left-side pane. The members in the group will display to the right. 
  3. Click OK to add the group. It will display in the access control list. 
  4. Checkmark the access rights to assign to the user.
  5. Click Apply changes.

Changing Access Rights

  1. Select the library for which you want to change access rights. 
  2. In the access control list, make the desired changes to the access by checking and/or unchecking the rights boxes in the user's or group's entry.
  3. Click Apply changes


Removing Access Rights

  1. Select the library for which you want to remove access rights. 
  2. Select the user or group whose rights you want to remove and click Remove.
  3. Click Apply changes.

Note: Multi-select of users or groups is not possible when removing access rights.


Revert Changes

Click the Revert changes button to rollback any changes you have made, including any entries you have removed. When the settings meet your needs, click Apply changes to save and apply them. 


Note: The systemwide Viewer role overrides any write or change access to a Library. Example: If a user has write/change access to a library but has the Viewer role assigned, they will only have "Read only" access to all data.

What's Next? 

Read more about other aspects of Libraries


Tip: The Path Query Language can be used to view data related to library and access rights in, e.g., a configurable grid or graph.