Example of permissions
It is useful to understand the relationship between users, groups, and permissions.
In the following example, security on a project has been enforced and three groups have been given access permissions: Group A, Group B, and Group C.
You have three Decision Center users, each of whom is a member of only one group:
Joe - Group A
Jack - Group B
William - Group C
Each group has been given the following permissions:
| Permission | Type | Value |
|---|---|---|
| View | Rule | Group |
Members of Group A can view any rules created by a member of the group.
| Permission | Type | Value |
|---|---|---|
| View | Rule | Yes |
Members of Group B can view all rules in the project.
| Permission | Type | Value |
|---|---|---|
| View | Rule | No |
Members of Group C cannot view any rules in the project.
The following table explains which users can view which rule, and why. Each rule has been created by a member of a different group. For this example, assume the Group property (see Project element properties) is set to the group of the member who created the rule.
| Name of rule | Rule created by member of which group | ‘View’ access |
|---|---|---|
| Rule 1 | Group A | Joe can view Rule 1 because it has been created by someone from his group (Group A), and members of Group A have permission to view rules created by the group. Jack can view Rule 1 because members of Group B have permission to view rules. William cannot view Rule 1 because members of Group C do not have permission to view rules. |
| Rule 2 | Group B | Joe cannot view Rule 2 because it was created by someone from another group (Group B). Group A members have permission to view only rules created by members of their group. Jack can view Rule 2 because members of Group B have permission to view rules created by any group, including their own. William cannot view Rule 2 because members of Group C do not have permission to view rules. |
| Rule 3 | Group C | Joe cannot view Rule 3 because it was created by someone from another group (Group B). Group A members have permission to view only rules created by members of their group. Jack can view Rule 3 because members of Group B have permission to view rules. William cannot view Rule 3 because members of Group C do not have permission to view rules, even rules created by someone from their group. |