Multi-Project Access Rights

Introduction

  The Multi-Projects Access Rights module is an extension of the Agile e6 role concept. It allows a project-oriented management and control of access rights to project-relevant data, especially in multi-projects environments.
Multi-project environments can be found in companies that have several parallel development projects and a need to protect the intellectual property in these projects. Often these projects represent customer driven projects and the intellectual property is partially owned by the customer. Contractual obligations may make it necessary to ensure that the customer's intellectual property is only exposed to individual project members in a very controlled manner.
   
  In the Multi-Projects Access Rights module users are assigned to projects via job functions, a standard entity in the role concept. While every user can play different roles in one or more projects, a mechanism is provided to activate a single project in the current session. Based on the current active project, the user's view on the whole data set is limited to a subset with project-relevant data. Certain objects are filtered out depending on the object structure and the view a user has on the project. Objects are projects/sub-projects, items, documents and folders.
   
 

The following diagramm depicts how the main elements in the Multi-Projects Access Rights module are connected to each other:

   
 

Access Rights

Users are associated with a project via a job function. Since for every job function a role must be assigned, users can have different access rights on a project due to the individual privileges defined for a role.

"Granting Access" in the context of the Multi-Project Access Rights module means to control the visibility of objects. Based on the project at hand, project driven working limits the user's view on the whole data set to a subset with project-relevant data.
The individual type of access (write, delete, read) is not defined in the Multi-Project Access Rights module, but through the standard access rights for the corresponding record.

   
 

The following diagram of a more complex multi-project environment depicts the visibility of documents for different users assigned to a project:

User-4 is granted access to project P3 and the sub-projects P4 and P5 thus enabling the view on the documents D3, D6, D7, D8, D9 and D4, D5 and D10.

User-5 is granted access to the projects P4 and P5. When P 5 is selected as the current project, User-5 has a view on the documents D4, D9, D10 and D5.

  The view on the data set can vary due to a number of actions that may influence the number of displayed records:
  • extension of item structure
  • deleted item structure links
  • deleted project structure links
  • allocation of new projects
  • assignment to another project
  • change of project structure
  Working through the examples described in the How to... section and the Manager Information will result in the following project structure: