Interfacing Technologies Corporation

Direct Parent Security Inheritance

Understanding Direct Security

In EPC 13.3, security on EPC objects has evolved to direct permissions.
This means that EPC System Admins can now define the security of groups or users by assigning them:

  • Read published, read latest, write or delete permissions on environments, sets, folders and objects, all independently or including their children objects.

Why is direct security preferable?

Direct permissions are useful for organizations with many departments or employees to control sensitive files and to specify who has access to what information. In this sense, security association tracking is clear and easy to report without complex documentation. Moreover, this feature increases system performance as almost no computing time is required.

Permission Levels

  • Read published: users will be able to see only the published version of the object and won’t see “in progress” (draft) versions. Additionally, they won’t be able to edit or delete the object.
  • Read latest: users will be able to see all versions of the object but won’t be able to edit or delete it.
  • Write: users will have access to all versions of the object as well as editing rights but won’t be able to delete the object.
  • Delete: users will have access to all versions of the object. They can also edit and delete. Modelers with this permission can set object security.
  • Environment Admin: users will be administrators in the chosen environment. They will have Delete permission on all objects in the environment as well as being able to access the environment admin section and set security permissions on objects.
See published versions See all versions, drafts Can edit the object Can delete the object Can set security perm. Access to Env. Admin Section
Read published X
Read latest X X
Write X X X
Delete X X X X If Modeler, yes
Env. Admin X X X X X X

As an example, you could assign the “delete” permission on a set to a group, but only grant them “read latest” on a more delicate folder within that set, ensuring that nobody in the group will be able to edit or delete. This new way of assigning security allows to set independent and micro-settings of security. More information about the rules of this feature can be found in our user manual.

On the other hand, if your security needs are simpler, it is possible to set these permissions at the environment level. This way, you can assign permissions at once, for all objects in the environment.

Need more help with this?
Don’t hesitate to contact us here.

Thanks for your feedback.