Open topic with navigation

About the Cumulative Effect of Data Permissions

You can define data permissions for both Security Users and Security Groups. Because each type of permission offers different advantages, you will probably want to use a combination of both Security User and Security Group permissions to achieve the specific permissions that are needed for your system.

Note: Data permissions are cumulative. A given Security User will be granted the sum of all permissions assigned to him and to all the Security Groups of which he is a member. In addition, permissions that are granted to Security Groups spread down automatically to all of their security subgroups.

Example: Cumulative PermissionsClosed

Consider an example where:

If John Smith is a member of the MI Inspection Security Group, he will have all permissions on the Recommendation family. The permissions assigned to the MI Inspection group are added to the permissions assigned to John Smith at the Security User level, therefore giving him full permissions to the Recommendation family.

Due to the cumulative effect of data permissions, you will want to assign to a given Security Group the lowest level of permissions that you want to grant to any member of that Security Group. Then, you should grant additional permissions to individual Security Users who need to have more permissions.

Related Information

Copyright © 2018 General Electric Company. All rights reserved.