What are project-specific roles?

Database users have the roles that are defined by various combinations of license, access and function privileges. These users can also have administrator roles if they were assigned the corresponding privileges in ARIS Administration. You can define individual roles by assigning users special privileges.

ARIS distinguishes between the user types described below:

Technical users

Users required for the automatic process flow of specific functions:

System user 'system'

The system user system assumes the administrator role of the system administrator and has all function and access privileges in all databases of a tenant. Authorized persons can use this emergency user to log in to any database, even if you are using an external system, such as LDAP, for authentication.

The name system cannot be changed. The System user check box for this user (Function privileges properties page in ARIS Architect) cannot be disabled either. You should immediately change the password manager to prevent unauthorized access.

To avoid problems, you should create (Create system user for a database, How to make a user a system user) additional system users. Having more than one system user can avoid problems, for example, if one system user has forgotten his password. If you forgot the passwords of all your system users, the full range of functions is no longer available and full data access is no longer possible.

System users

System users are users who have all function and access privileges in a database and who have the required privileges in ARIS Administration. System users can be created by the system administrator (user system) or by another system user. The system user system is created automatically. The name system cannot be changed. A system user should immediately change the password manager in ARIS Administration to prevent unauthorized access. The function and access privileges of system users cannot be changed at database level. To withdraw privileges from a system user, another system user must disable (Create system user for a database, How to make a user a system user) the System user check box on the former user's Function privileges properties page. As a result, the user's privileges can be changed. After this, the user has no access privileges.

Users

Default users work within the group structure of their area of responsibility. This is determined by their access privileges. Each user can be assigned function privileges that will allow them to take on certain roles.

Examples of individual roles

Project managers

Owners of this role are responsible for the entire project. Depending on the organizational structure, this role can assign many tasks to other project employees. In this case, this role needs only very few privileges. The Read access privilege for all groups allows the user to read the latest information.

If project managers do not delegate the tasks described below, they need all function and access privileges for the database, and therefore, they log in as system users. Otherwise, the function privileges shown in parentheses should be assigned to project employees in charge.

Owners of this role can then take on the corresponding tasks.

Process manager

Owners of this role are responsible for the entire project. Depending on the organizational structure, this role can assign many tasks to other project employees. In this case, this role needs only very few privileges. The Read access privilege for all groups allows the user to read the latest information.

If project managers do not delegate the tasks described below, they need all function and access privileges for the database, and therefore, they log in as system users. Otherwise, the function privileges shown in parentheses should be assigned to project employees in charge.

Owners of this role can then take on the corresponding tasks.

Quality managers

This role can be performed, for example, by project employees who are not involved in the modeling process.

Owners of this role can lock database items. This means that they can lock models and objects permanently, for example, to perform a review on this data during Release Cycle Management (Lock permanently function privilege).

Project employees (modelers)

The tasks of this role can also be performed by the project-specific roles listed earlier.

Owners of this role can perform the following tasks: