Permissions in the Repository


It is possible to define permissions on content (for example, a folder or document) via the "Manage Permissions" button.

A permission is defined by:

  • A user group or a user (to search for a user or a group, you must type the first three letters of the name).
  • A role:
    • Consumer: Can view the content.
    • Editor: Can read and modify existing content but cannot create new nodes.
    • Contributor: Can add and edit content.
    • Collaborator: Can perform all actions that an editor and a contributor can do. Can also delete content.
    • Coordinator: Has all rights.

A folder can inherit the permissions defined on its parent folder.

There is also a special role called Owner, which is assigned to the creator of the content. The owner has full access to the content they created. The owner role is disabled in beCPG, except for external users and when specifically indicated on a node with the Ownable aspect. A provider, for example, even if they are only a contributor, has full permissions on the content they created.

Permissions Matrix

Role Read Content Edit Content Add Content Delete Content Full Control
Reader Yes No No No No
Editor Yes Yes No No No
Contributor Yes Yes Yes No No
Collaborator Yes Yes Yes Yes No
Coordinator Yes Yes Yes Yes Yes
Owner Yes Yes Yes Yes Yes

Permissions in a Site


  • Consumer: Can view content.
  • Contributor: Can add and edit content.
  • Collaborator: Can add, edit, and delete content.
  • Manager: Can invite people.
  • Version Manager: Can check out a branch/version to this site and view content.

Fields permissions :


General Permissions : Confidentiality & security rules

beCPG allows restricting access to certain fields of a type by user groups. To do this, go to the "Security" folder of the repository and create a new folder. This folder corresponds to a group of permissions applied to a beCPG type. Once the folder is created, it will turn to entity, edit its properties and select the node type for which the permission is enabled:

Here, permissions are created on the type « Finished Product ». To define the rights on properties, click on the « ACL » list:

Add new permissions to the data list via the "New Row" button:

Three basic rules can be established:

  • Read-only rights, other groups have no access to fields.
  • Read and write rights, other groups will only have read rights.
  • Read and write rights, other groups have no access to fields.

Once the rule is chosen, it is automatically applied to the properties of the concerned model.

Local Permissions

It is also possible to implement local permissions to specifically target certain products.

To do this, proceed through editing the properties of the security rule and click on the "Local Permission" button.

For the application of the rule to the products of your choice, two methods are available:

  • Manually add the rule to products: This approach allows you to individually select the products that require permissions. Simply access the product in question in beCPG and directly apply the permission rule to it. First, verify that the security aspect is among the currently selected aspects. If not, add the aspect , Click here Adding this aspect conditions the appearance of the "Security Rule" field in the product properties. Then manually add the rules created at the administration level.

  • Add the rule automatically via a SPEL formula which defines the conditions of application. This formula, based on criteria specific to each case, can be applied to a product model to enable more efficient management on a large scale. example: you can create a formula to apply the security rule to all finished products with a specific model. This method ensures that permissions are correctly assigned without the need for repetitive manual intervention.

Application of the rules

To activate safety rules, it is important to formulate the product.

Permissions on reports


It’s possible to define rights on technical sheets so that their consultation and/or their edition is rigorously managed.

For that purpose :

  1. Go to: Repository> System> Reports> Product reports;
  2. Select the folder corresponding to the type of products of which you want to manage the technical sheets (finished product, raw material …);
  3. Place the cursor on the line corresponding to the concerned technical sheet and click on « More » and then on « Manage permissions »;
  4. If the default configuration doesn’t suit you, which means that you don’t want everybody to have the right to consult the technical sheet as a « Consumer », click on « Inherit permissions ». Thus, the logo turns from « Check » sign to « No entry » sign so that you can administrate your own rights.
  5. Click on « Add a user/group » to give rights only to some users or groups on this technical sheet. Once the user or the group selected, give it a rôle (consumer, collaborator etc.);
  6. Click on « Save »;
  7. Finally, place the cursor on the line corresponding to the technical sheet and click on « More » and then on « Update permissions ».

Permissions on projects


beCPG enables to define rights on projects:

  • Either on folders which specifically contain projects. For that purpose, consult the documentation concerning the permissions on folders, available here

  • Either on individual projects. For this matter:

  • Place the cursor on the line corresponding to the project and click on « More » and then on « Manage permissions »;

  • If the default configuration doesn’t suit you, which means that you don’t want everybody to have the right to consult the project as a « Consumer », click on « Inherit permissions ». Thus, the logo turns from « Check » sign to « No entry » sign so that you can administrate your own rights ;
  • Click on « Add a user/group » to give rights only to some users or groups on this project. Once the user or the group selected, give it a rôle (consumer, collaborator etc.);
  • Click on « Save » ;

N.B : a user or a group of users defined as « Consumer » on a project won’t have the right to add new tasks neither to modify or delete tasksUNLESS they are assigned to these tasks !

Depending of their rights, users won't have the same access. For example, a consumer won't have the right to modify a task if the task is not assigned to him.

However, the user can modified tasks which are assigned to him.

Permissions on folders in the document list


It is possible to define rights on folders contained in the Documents list of entities (e.g. deleting the inheritance of permissions on a folder and then creating specific permissions). Permissions are defined at template level and apply to all entities associated with the template.

Permissions are applied when entities are created, or to existing entities when they are formulated, or when models are synchronized.

When synchronizing templates, folder rights for existing entities are synchronized:

  • Either folders do not exist: they are created with the associated permissions.

  • Either the folders exist: if the spelling of the folders is identical, the permissions are updated.

If the entities contain folders different from those present in the model:

  • either folders are empty: they are simply deleted

  • or folders are full: they are retained, but automatically inherit the permissions of the parent folder. If bridging rights had been previously determined, they will be deleted.

N.B.: Subfolders inherit the permissions of the folder in which they are contained.

Permissions on change orders


If you want to create a change order, you need to have the right permissions.

There are 2 different permissions :

  • beCPG Change orders creators (CreateChangeOrder) : you can create a change order but you can not apply one.
  • beCPG Change orders managers (ApplyChangeOrder) : you can apply a change order.

beCPG Change orders managers and the administrator are the only ones able to apply a change order.

How to change users permission: see here

results matching ""

    No results matching ""