With Release 1.0.11 (05-10-2023) the SEC-Hub moved onto a Role-based permission system. This means permissions are handled with predefined roles that encapsulate and simplify permission across the SEC-Hub. All the roles except Admin are based on individual projects.
Note: The roles are hierarchically listed in the below-mentioned order. This means that the role also has the same permission as the roles mentioned below it.
The roles are the following:
Admin
Permission: Global Permission
This role gives the user the highest level of permission across the SEC-Hub. This role grants rights to access and write everything throughout the SEC-Hub. People with this role can manage other users' roles, create projects, archive projects, edit projects, and access the setup page where the Admin can manage syntax and classification tables.
This role is meant for people who are the Administrator of the SEC-Hub within the organization. Once the Admin role is assigned, you will be able to assign any other role since this will overrule it.
Manager
Permission: Project Specific
This role grants highest permission within a specific project. This role gives rights to create/edit/archive context, revisions, and manage owner/owner groups.
This role is meant for users who is going to do the most of the managing of the projects once it is created by an Admin. This could be creating the needed context, revisions, owners/owner groups and much more.
Editor
Permission: Project Specific
This role grants permission to a specific project where the user can edit data within the context and build structures, such as creating Object Occurrences, interfaces, and much more. This will include access to all future created contexts
This role is meant for engineers/specialists/owners who is creating and maintaining the structures, interfaces, object occurrences and much more.
Viewer
Permission: Project Specific
This role grants permission to a specific project where the user can read and view all data within the project but does not have permission to edit or modify any data.
This role is meant for stakeholders or other users who just need to view the project/context and its progress.
Custom
Permission: Context Specific
This role was created to handle edge cases where the user only needs access to a specific context, and this access can either be write or read, depending on the need.
This role is designed for suppliers or other users who only need access to a trade study or a specific context.
SEC-Hub Team recommendations
We recommend you only assign Admin role to as few users as possible, and only users who actually needs access and permission to all the views and actions this role grants. With great power comes great responsibility.
Overview of roles and specific rights:
Note: the role mentioned in the "role" column is the lowest level of role that has access. So when the Editor is written, this means that the Manager and Admin also have this right.
Rights | Role |
Can access the User page | Admin |
Can access the Setup page | Admin |
Can create/edit/archive Project | Admin |
Can create more description field | Admin |
Can create/edit/archive context | Manager |
Can edit context progression | Manager |
Can create/edit/delete owners/owner groups | Manager |
Can create revision | Manager |
Can create/edit/delete OOC | Editor / Custom (context: write) |
Can create/edit/delete OOR | Editor / Custom (context: write) |
Can create/edit/delete OODR | Editor / Custom (context: write) |
Can save SIMO Filters | Editor / Custom (context: write) |
Can access Meeting Planner | Editor / Custom (context: write) |
Can create Trade Study | Editor / Custom (context: write) |
Can see non archived Projects/Contexts/Revisions | Viewer/ Custom (context: read) |
If a right is not mentioned, it is because it is not hidden behind permission directly, such as Dashboard. If you have access to the project, you will have access to Dashboard and its functions.
If you are interested in how this is done inside the SEC-Hub, read this article.