Controlling the access by using the access control
Role-based access control is used to control the access to individual program functions of logi.CAD 3 – this is done per →project.
Observe the following:
If access control has been activated for a particular version of logi.CAD 3 , it applies to all projects that are opened in this version. This means an activated access control is always applied to the opened project – no matter whether the project has been created in a version with access control or in a version without access control . However, the assigned access rights might differ for created and imported projects:
The user who creates a project in a version with access control gets the default Administrator role incl. the access right for the Edit access control configuration feature. Thus, the creator of the project can configure the access to the project. The rights of the other users depend on the access control configuration predefined by the system integrator.
The user who imports a project in a version with access control does not get the default Administrator role incl. the access right for the Edit access control configuration feature. The rights of the users that imported the project depend on the access control configuration predefined by the system integrator.
If you need more access rights after importing a project,
contact your administrator or possibly a user with the activated feature
Edit access control configuration
. Ask the administrator or this user to grant you the required access rights.
Access control is not provided in all variants of logi.CAD 3.
Overview: Access control per project
logi.CAD 3 allows a feature to be executed only if the feature is active for the logged-in user (via the assigned roles).
Observe: The users of logi.CAD 3 can be assigned to one or more roles. logi.CAD 3 determines per role whether the access right for a feature of logi.CAD 3 is granted (= activated feature) or not (= deactivated feature). Also observe:
By default, logi.CAD 3 identifies a user based on the credentials of the operating system.
However, your version of logi.CAD 3 might use a different method of user identification, if your system integrator has changed the default method. In this case, contact your system integrator and ask for information about the applied user identification.The roles can be freely defined in logi.CAD 3.
logi.CAD 3
requires a default
Administrator
role and a default Anonymous role. Without these 2 roles, the correct application/configuration of the access control is not granted.
The best practice is to use sufficiently descriptive names for the roles, e.g. Machine operator, Developer, Safety Engineer. The German and English language variants of logi.CAD 3 use the same names for the roles.The features of logi.CAD 3 are predefined by logi.cals. The features are assigned to roles.
See "Features for access control" for the list of features that can be assigned to the roles.
Sketch of a possible access control:
Explanation of this access control::
"User 1" is allowed to execute "Feature 1" (via "Role 1"), "Feature 2" (via both "Role 1" and "Role2" ) and "Feature 4" (via "Role 3").
If "User 1" would be assigned to "Role 1" only, "User 1" is allowed to execute "Feature 1" and "Feature 2" only."User 2" may only execute "Feature 2" (via "Role 2").
"User 3" is not allowed to execute a single feature. Reason: This user is not assigned to a single role.
"User 4" is also not allowed to execute a single feature. Reason: This user is assigned to a role, but this role has no activated features.
Here, "Feature 3" must not be executed by any of the users. Reason: This feature is not assigned to a single role.
The best practice is to always assign all features to one role (e.g. the Administrator role) to avoid the problem that a feature can no longer be executed by a single user.