IBM Support

How to configure a DOORS project to only allow module edits

Question & Answer


Question

How do you set up an IBM Rational DOORS project so that you can edit existing modules but not create new modules or projects?

Answer

To set up a user that can only update existing modules, but not create, rename, or delete modules, nor create or delete projects:

  1. Create a user of type Standard for each restricted user -- these users cannot create projects. For each user that already exists, you can edit the user to change the user type to Standard.
  2. Create a group that will contain all the restricted users -- that way, you can base the special project's access permissions on a single group, and add new restricted users to this group as needed.
  3. Right-click the special project and choose Properties.
  4. Click the Access tab.
  5. Configure the user list to include the group that will contain the restricted users. Make sure only Read (R) access is checked. This will allow the restricted users to see the project, but will prevent them from creating new modules, folders, and projects inside the project (these operations require Create (C) access).
  6. Click OK.
  7. For each module in the root project that you want the restricted users to access:
    1. Right-click the module and choose Properties.
    2. Click the Access tab.
    3. Uncheck Inherit from parent if needed.
    4. If the module already lists the group that contains the restricted users, select it and click Edit. Otherwise, click Add to add the group to the user list.
    5. Ensure the group that contains the restricted users has the following access privileges:
      Read (R) - see the module
      Create (C) - create new objects, attribute types, and attribute definitions in the module
    6. Note that we are not including Modify (M) access in the previous step. This so these users do not have the ability to rename the module, which Modify access includes. Because the module does not have Modify access, but you do want these users to be able to edit existing objects, you need to propagate additional access rights with create access -- at the very least, Modify (M) access. This allow users with create access to also edit objects. If you want users to be able to delete created object as well as edit them, you also need to propagate Delete (D) access.
      To propagate additional access rights with create access:
      Towards the bottom of the window which you still should have open (Module properties, Access tab), there's a Propagate section. Choose which additional access privileges you want users with Create access to have -- it should be at least Modify (M), but more likely it will be Modify and Delete (MD).

[{"Product":{"code":"SSKR2T","label":"IBM Engineering Requirements Management DOORS"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF033","label":"Windows"}],"Version":"9.1;9.2;9.3;9.4;9.5;9.5.1;9.5.2;9.6;9.6.1","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

Modified date:
01 May 2020

UID

swg21416479

Page Feedback