Propagating additional access rights with create access
Use the propagate
function to give users modify, delete,
or admin access to items that they create in either the database root,
or in projects, folders, or modules, but not to the database root,
project, folder, or module itself. Using standard access rights, you
would need to edit the access for each item that they created to give
them the additional access rights. If you propagate access rights,
you give users the additional access to all the items in the hierarchy
that inherit their access, but not to the item itself.
For example:
- You want to let Marcus create modules in a folder. So Marcus needs create access to the folder.
- You want Marcus to be able to delete the modules he creates in the folder. You do not want him to be able to delete the folder itself.
Using standard inheritance, you would need to turn off inheritance for every module that Marcus creates in the folder. You could then set up the access rights for these modules to give Marcus delete access to them, but that would be time consuming.
Alternatively, you can propagate extra access rights with create access. This option is only available if the item has inheritance turned off.
You can choose which extra access rights to propagate
with create
access:
- Modify (M)
- Modify and delete (MD)
- Modify, delete, and admin (MDA)
The extra access rights are
not specific to a particular user or
group. They are propagated with every access rights entry that includes
the create access right. For example, a project has four access rights
entries, two of which (for Anne and Engineering) include the create
access right.
Name | Access rights |
---|---|
Anne | RC |
John | R |
Engineering | RMCD |
Everyone else | RM |
You
decide to propagate modify, delete, and admin (MDA) access
with create. Access rights entries for items that inherit their access
rights from the project change as shown in the following table. The
access rights for the project itself do not change.
Name | Access rights |
---|---|
Anne | RMCDA |
John | R |
Engineering | RMCDA |
Everyone else | RM |
The only entries that are affected are the ones that
included create
access. They gain modify, delete, and admin (MDA) if they do not already
have them:
- The entry for Anne gains MDA
- The entry for Engineering gains A