How to control role-specific access

For the various users of the exports to see only the contents they are authorized for, individual access profiles are created for each user. In addition to access, these profiles also control method filtering, that is, the number of model, object, attribute types, etc. displayed. The number of access profiles a user has depends on the number of exports and on the user groups that a user is a member of. Only the access privileges assigned to the user groups determine the content to be displayed. The access privileges of individual users are not taken into account.

The following examples refer to exports of the demo database.

After login, a set of access profiles is displayed for each user. User p.sonntag is a member of two user groups. Multiple exports are available to him.

Access profiles

Each profile consists of the following parts: name of the export, for example, ARIS Business Publisher, and user groups, for example, Process manager. The assigned method filters are displayed in brackets, for example, (ARIS for SAP).

User p.sonntag sees only the profiles of the user groups to which he was assigned. Since the user has both the Process manager and the System manager roles, he was assigned to the user groups Process manager and System manager. The following graphic shows the user association in the properties of the Process manager user group.

Method filter and user assignment

The user groups Process manager and System manager are assigned different method filters. With these filters, users can restrict the number of objects, models, connections, etc. The following graphic shows the method filter assignment of the Process manager user group.

Method filter

Both user groups have access privileges for the relevant groups of the databases. Access privileges and user association define the contents that a user sees in an export. Access privileges assigned to users in ARIS Architect are not taken into account. The following graphic shows the access privileges of the Process manager user group.

Access privileges

In the ARIS Publisher Server administration interface, administrators can customize access profiles.