Object Security for Actions in DA Units

Back to Top of Security for Objects in DA Units

Back to list of objects

The following table lists the types of users in a Platform configured for Delegated Administration and describes their access to Actions:

Note: The Actions are visible across DA Units, as long as the DA user groups have the privilege to view them. To prevent DA users from seeing Actions, make sure that the DA user groups do not have the privilege, Configuration - Actions - View.

Also note that DA visibility restrictions and privileges are NOT fully supported for Actions. See Supported Objects for Delegated Administration for more information.

User

Access

Principal Axeda® Connected Product Management Applications Administrator

Access to ALL Actions in the Platform. If selecting models for an Action, access to all models and assets in the Platform. When selecting the user groups who can view, edit, and execute the Action, access only to user groups in the Root DA Unit.

Non administrator with correct privileges

With appropriate privileges to the Configuration application and operations for Actions, this user can create, modify, and delete Actions.

The models available for selection (for Actions that require models) depend on the assignment of asset groups to user groups. For example, if this user does not have access to a certain model, the model is not available to select for the Action.

When selecting the user groups who can view, edit, and execute the Action, this user can see only those groups that are in the Root DA Unit.

This user cannot see Actions associated with models/assets to which the user does not have privileges. For Actions that are independent of models/assets, this user can see all Actions (given the privileges to the Configuration application and Actions).

1st level DA (DA1)

2nd level DA (DA11)

Another DA user within same DA as DA1

With appropriate privileges to the Configuration application and operations for Actions, DA users can create, modify, and delete Actions.

The models available for selection (for Actions that require models) depend on the assignment of asset groups to user groups. For example, if a DA user does not have access to a certain model, the model is not available to select for the Action.

When selecting the user groups who can view, edit, and execute the Action, DA users can see only those groups that are in their DA Units or child DA Units.

DA users cannot see Actions associated with models/assets to which they do not have privileges. For Actions that are independent of models/assets, DA users can see all Actions, across DA Units (given the privileges to the Configuration application and Actions).