| Solution ID: prim10114 |
| Project Manager Security Changes from 3.5.1 to 4.0 |
| Status: Reviewed |
| Version(s): 3.5.1, 4.0 |
| Problem: | Project Manager Security Changes from 3.5.1 to 4.0 |
| Fix: | 3.5.1 to 4.0 Security Changes GLOBAL SECURITY PROFILE Item 1:Added a new privilege called View Resource Role Proficiencyto the global security profiles. If the user has the View Resource Role Proficiencyprivilege checked, the user will be able to view the proficiency regardless if they can edit the resource or not. If the user does NOT have theView Resource Role Proficiencyprivilege checked, the user will NOT be able to view the proficiency regardless if they can edit the resource or not. Item 2:Secure Code Security The ability to create, edit, delete and view Secure Codes and Secure Code values is controlled by four new global security privileges: Add and Delete Secure Codes Edit Secure Codes Assign Secure Codes View Secure Codes Item 3:Project Requests and Processes Security Added a new privilege called Create Project Requests and Processesto the global security profiles. “Initiate a Project Request” will appear in the Select An Action dropdown on the upper right corner of the personal portal and the Project Management pages for any user that has the global security privilege to Create Project Requests and Processes set to true. Added a new privilege called Edit Project Requests and Process Templatesto the global security profiles. “Create Project Process Template” will be added under the Administration section of the left hand navigation.This link will only be available if the user has the Edit Project Requests and Process Templates set to true. Item 4:Project, WBS and Resource Assignment View Layout and Filter Security Renamed the 3.5.1 global privilege called Edit Global Activity Layouts and Filters to Edit Global Activity and Assignment Layouts and Filters. This change reflects the 4.0 feature that allows Layouts to be saved in the Resource Assignments View. Added global privilege called Edit Global Project and WBS Layouts. This change reflects the 4.0 feature that allows Layouts to be saved in the Project and WBS Views. Item 5:Added global privileges called Edit Microsoft Project Templates This privilege was added to control improved options in the Import\Export Wizard when creating MS Project files.With the 4.0 wizard, MS Projects can be created based on user defined templates. A user with this access will have full control of the templates.The user can add, modify and delete the contents of the MSP template. If user has this security, all buttons on template dialog will be enabled. If a user does not have the above privilege, then the user will only be able to select which template to use.If user does not have the security to edit, then all buttons on template dialog will be disabled. The user could see what options are in the template by using the Confirmation text screen. Item 6:Added global privileges called Edit User Defined Fields In 3.5.1, the privilege that allows editing of User Fields is called Edit Admin Preferences and Categories. This privilege will no longer control access to editing user fields because User Fields will not be maintained as an Admin Preference. In 4.0 there is a new global level security privilege for user fields called: Edit User Defined Fields This privilege only applies to the definitions of the User Defined Fields. Adding Values for each field in any of the subject areas is controlled by the appropriate security privilege.For example, if Edit Resources is set to true, then values can be added for Resource User Defined Fields. PROJECT SECURITY PROFILE Item 1:Added project privileges called Add/Edit Project Template Documents A new Project level security privilege was added in 4.0 called Add/Edit Project Template Documents: This privilege is required to be able to add and edit Project Template Documents. This new privilege Add/Edit Project Template Documents is dependent on the existing project privilege Edit Project Work Products and Documents: If the Add/Edit Project Template Documents privilege is checked when the Edit Project Work Products and Documents privilege is not checked, both privileges will be checked automatically. HOWEVER, when the Edit Project Work Products and Documents privilege is checked, the Add/Edit Project Template Documents privilege will NOT be automatically checked. This new security privilege does not apply to any Project Manager functionality. Project Template Documents exist only in Primavision. If the user does not have the privilege then they cannot do ANY of the following in Primavision:
Item 2:Renamed the 3.5.1 project privilege called Project Schedule, Level, Apply Actuals and Period Close Out to Project Schedule, Level, and Apply Actuals.Close Out Period has become a separate privilege. If a user has this privilege set to true, the Period Close Out menu item (under the Tools menu) is enabled. If a user has this privilege set to false, the Period Close Out menu item is enabled, however, if the user chooses this option, they will get this message: “You do not have security privileges to apply period closeout.” This is also true when a user has multiple projects open, and he may have the privilege on some of the projects but not the others. If the user does not have privilege on any one of the open projects, he will get the message. During the Upgrade from 3.5.1 to 4.0, any user that had the previous permission set to true will have both Project Schedule, Level, and Apply Actuals and Close Out Period set to true.If the previous permission was false, then both Project Schedule, Level, and Apply Actuals and Close Out Period will be set to false. Item 3:Workgroups Security Three new project privileges were added in 4.0 to accommodate subproject workspaces: 1. Create workgroups – If the user does not have this privilege then the Add link will be hidden from the Workgroups portlet. 2. Delete workgroups ?If the user does not have this privilege then the 揇elete?link will be hidden from the Workgoup portlet. 3. Modify Project workspace and workgroup preferences ?this preference controls access to the project workspace preferences and the workgroup preferences. The user must have a PM license and this privilege to customize the project workspace and workgroup preferences. Item 4:Added project privileges called Perform Activity Resource Requests If the user has the security privilege to Add/Edit Project Activities, the user will automatically have the privilege to Perform Activity Resource Requests.In this case all buttons are accessible to the user. If the user does not have the security privilege to Add/Edit Project Activities, but has the Perform Activity Resource Requests privilege, the user will ONLY be able to perform Resource Requests.Once the resource request (role assignment) is made the user can NOT edit the assignment. If the user does not have the security privilege to Add/Edit Project Activities and does not have the Perform Activity Resource Requests privilege, the user will not be able modify the activity or perform resource requests. |