As of Windchil 9.0, it is possible to specify different access control policies for metadata and content. This additional granularity of access control is useful in several ways. For example, a company may wish to restrict access to the editable original content, and enable users to access only the metadata and non-editable, viewable representations of a document once it is Released. This enables the viewable representation to become the “document of record”. Users may add annotations, but cannot change the underlying viewable.

Defining Access Control Policies

To specify Access Control Policies, as a member of the Administrators group, navigate to Context / Policy Administrator and Update the Domain of interest.

Open the Access Control Tab for the Context of interest and define a new Policy.

Note that there are now separate Policies available for Download and Modify Content.

Note that Download and Modify Content are separate policies now, which apply only to the content holder without affecting access to the metadata and viewable representations.

As always, there are some restrictions to ensure that the resulting rules make sense. If, for example you select to grant Modify Content permission, then Download permission is granted also.

Was this article interesting? Let us know