Skip to main content
Version: 16.0

Impact of Restricting Access to Metamodel Elements

Based on examples, this chapter illustrates how changing metamodel rights affects working with ADONIS.

note

For information on how to change metamodel rights, please refer to the section View or Change Metamodel Rights.

Scenario 1: Creating Models/Objects

Creating models/objects requires permissions to create models/objects of this type and write permissions to the Name attribute.

Example

Edit the basic metamodel rights of the system role "Participant" to the model type Cross-Domain Model:

  • Set the permissions to the Name attribute to Read.

    Now users with the system role "Participant" cannot create Cross-Domain Models.

    You can achieve the same result by editing the detailed metamodel rights of the system role to the model type and setting "Create models" to denied.

Scenario 2: Editing Models/Objects

Editing models/objects requires permissions to edit models/objects of this type.

Example

Edit the detailed metamodel rights of the system role "Participant" to the class Service:

  • Set "Edit objects" to denied.

    Now users with the system role "Participant" cannot edit or rename Services.

Scenario 3: Adding Objects to a Model

Creating objects in a model requires permissions to create objects of this type.

Example

Edit the detailed metamodel rights of the system role "Participant" to the class Risk:

  • Set "Create objects" to denied.

    Now users with the system role "Participant" cannot create new Risks. They can still re-use Risks from the Object Catalogue in models.

Scenario 4: Saving a Copy of a Model

Saving a copy of a model requires permissions to create all the modelling object and relation types which the model contains.

Example

Edit the detailed metamodel rights of the system role "Participant" to the class Note:

  • Set "Create objects" to denied.

    Now users with the system role "Participant" cannot create new Notes. They cannot save a copy of a model that contains a Note.

Scenario 5: Deleting Objects

Deleting objects requires permissions to delete objects of this type.

Example

Edit the detailed metamodel rights of the system role "Participant" to the class Note:

  • Set "Delete objects" to denied.

    Now users with the system role "Participant" cannot delete Notes. They cannot delete a model that contains a Note.

Scenario 6: Opening a Model that Contains Unavailable Objects

Accessing an object in a model requires permissions to read objects of this type:

Example

Edit the basic metamodel rights of the system role "Participant" to the class Risk:

  • Set the permissions to No access.

    Now Risks are not available for users with the system role "Participant". When they open a model that contains a Risk, the Risk is invisible for them.

Scenario 7: Deleting a Model

Deleting a model requires permissions to delete models of this type.

Example

Edit the detailed metamodel rights of the system role "Participant" to the model type Cross-Domain Models:

  • Set "Delete models" to denied.

    Now users with the system role "Participant" cannot delete Cross-Domain Models.

Overview of Permissions to Individual Functions

What permissions are required for the different tasks that can be performed in ADONIS?

Dashboards (ADONIS Scenarios)

  • Widgets are empty if none of the displayed object types are available.

  • Columns in a widget are empty if the displayed attribute is not available.

  • Charts are only available if the queried object types/attributes are available.

Quick Links

  • Links are removed or disabled based on metamodel rights.

Organisation Portal

  • The Organisation Portal is only available if the configured model types and State attribute are available.

Reporting Board

  • Individual Reports are only available if the respective view or report is available.

Reports

  • The project summary report is only available if the State attribute is available.

  • The open questions report is only available if the Open questions attribute is available.

  • Model reports and object reports omit attributes that are not available.

Model Release Workflow

  • The model release workflow is only available if the configured State attribute, Version attribute, Predecessor model pointer and model types are available.

  • The model release workflow will be available but not work correctly if the configured 'valid from' attribute, 'valid until' attribute, 'resubmission date' attribute, Version history functionality attribute, Voting state attribute and Process responsible functionality relations are not available.

    note

    For information on the configuration of these model types, attributes and relations, see Configure Mapping.

Textual View

  • The Textual View is only available if the configured model types (and their Description attributes) are available. Object types, relations and attributes that are not available are omitted.

Validation

  • A check is only available if the required object types, relations, model types or attributes are available.

Charts

  • Matrix charts are only available if there is at least one available object type/relation for the row/column/cell.

  • Bubble charts are only available if the configured object type and the x-axis/y-axis attributes are available.

  • Gantt charts are only available if the configured object type and the attributes are available.

  • The dependency modeller is only available if Cross-Domain Models are available. When an analysis is performed with the dependency modeller, layers which contain unavailable object types are empty.

  • Box-in-box charts are only available if the configured object types, relations and the model type are available.

Process Synchronisation

  • Attributes can only be synchronised between a Process and a referenced Business Process Diagram if access to the Synchronisation active and Date of last synchronisation attributes of Processes is not restricted.

Process Simulation

  • Process simulation is only available to users who have access to the following metamodel elements and the properties listed for these elements:

    Start Event

    • Name

    • Order

    • Quantity

    • Time period

    • Sequence flow

    Intermediate Event (sequence flow)

    • Name

    • Order

    • Sequence flow

    Intermediate Event (boundary)

    • Name

    • Order

    • Type

    • Cancel

    • Rate of activity completion at event occurrence

    • Probability of occurrence

    • Sequence flow

    Task

    • Name

    • Order

    • Sequence flow

    • Attached to

    • Responsible for execution

    • Technical resources

    Subprocess

    • Name

    • Use aggregated subprocess values

    • Order

    • Sequence flow

    • Attached to

    • Referenced subprocess

    • Responsible role

    Exclusive Gateway

    • Name

    • Sequence flow

    Non-exclusive Gateway

    • Name

    • Gateway type

    • Converging

    • Sequence flow

    End Event

    • Name

    Cross-reference

    • Name

    Role

    • Name

    • Hourly cost

    Resource

    • Name

    • Hourly cost

    Sequence flow

    • Name

    • Default

    • Transition condition

    • Variables

    Attached to

    • Name

    Responsible for execution

    • Name

    Technical resources

    • Name

    Referenced subprocess

    • Name

    Responsible role

    • Name