Last update November 17, 2015
The highest level of access controls administrative access to the SCM-level objects. These objects are projects, repositories, users and user groups, and form types.
The access methods for these objects are as follows:
- Secure SCM
Defines who can grant access control for the following SCM-level objects: Admin Project, View Project, Admin Repository, View Repository, Admin User/Group, View User/Group, Admin Form Type, View Form Type. Having Secure SCM access does not imply being able to delete or edit SCM-level objects. Users with access to the secure method must explicitly give themselves access to other methods; they are not automatically available.
- Admin Project
Defines who can create, delete, view, and set access to all projects and their aggregate objects (states, processes). For example, when a user creates a project, that user can give the ownership of the project to a user group at the object-level by assigning Secure Project access. This access also means that users can give themselves access to do anything in the projects they have created.
- View Project
Defines who can view the properties of all projects inCA Harvest SCM. User groups with View Project access can also view the properties of all objects (states, processes, packages, package groups, and views) in the project.
View Project access does not prevent a user from being able to modify objects in the project. For example, a user with View Project access can have Update access to states in that project. In this case, the user can modify the state properties, but not the project properties.
In addition, lacking Admin Project access does not prevent a user from being able to modify a particular project. For example, a user with View Project access can have object-level Update access to a particular project. In this case, the user can modify the project properties and add, delete, and update the states and processes in that project.
- Admin Repository
Defines who can create, delete, view, and set access to all repositories and their aggregate objects (items and item paths). This access method implicitly grants view access to all items and item paths in all repositories.
- View Repository
Defines who can view all repositories inCA Harvest SCM. Users who have view access to a repository can see the properties of the repository and the items and item paths in it, provided that item/path view access is granted at the item/path level.
- Admin User/User Group
Defines who can create, delete, edit, and view users and user groups.
- View User/User Group
Defines who can see the properties of user and user group records. View access allows the user to see the information that shows in the object's properties dialog, but in a read-only mode.
- Admin Form Type
Defines who can create, update, delete, and set access to form types. Users with Admin Form Type access can give themselves or others access to edit the form types they created.
- View Form Type
Defines who can view the properties of all form types inCA Harvest SCM.
Lacking Admin Form Type access to an object does not prevent a user from being able to update forms. For example, a user with View Form Type access can update forms of that form type. In this case, the user can modify the form properties but not the form type properties. Although forms are not securable objects, their access is controlled by the packages they are associated with and package access is controlled by Update Package access at the state level.
Set SCM-Level Access
You set and modify the SCM-level of access by using the Access Control dialog. This dialog is available on all tabs of the Administrator application.
You can modify access whenever necessary; however, consider the following caution:
Important! CA Harvest SCM reads object-access information when the object is accessed. When you are using an object and change its access, the change does not take effect until you exit the dialog and reload the object information.
Follow these steps:
- Click any tab of the Administrator application.
- Click SCM, Access Control.
The Access Control dialog appears.
- Select the access type you want to grant to a user group from the Access Type drop-down list.
The user groups that are granted the access type selected in the Access Type are listed in the User Groups with Access list.
- Click Add.
A dialog appears that lists all available user groups.
- Select one or more user groups to grant access to and click OK.
The selected user groups are listed in the User Groups with Access list.
- (Optional) To remove a user group from the list, select the user group, and click Delete.
The user group is removed from the list.
- Click Close.
The user groups are granted access and are included in the list of user groups that have been granted access to the object.
Was this helpful?
Thank you for your feedback.