Use case

There are Protected Job Groups. Only a specific group of users who are members of an "Authorized User Group" has access to these groups. Users who do not belong to this circle do not have access to the protected job groups, namely in the job management, in the TM browser, in the status overview or other places in ONTRAM.

Initial configuration

• Permission "Protected order groups - Administration" (Authorized User Group Manager) necessary
• A user must be of the type "Support", only this user may assign permission to manage protected groups

Administration

In order to create and edit the authorized user groups, the authorization "Authorized User Group Manager" is necessary. As usual, this permission can be added to a permission profile via → User→... administration. However, with the following special features:

• only users of type "Support" may add this permission
• no super user login may be used
• the user password must be entered for authorization

Subsequently, a new menu item is visible in the user administration for users authorized in this way: Administration → User → "Authorized User Group". New groups can be created here, users can be added, and the job group to be protected is defined here. The processing of authorized user groups is subject to the following requirements:

• Permission "Protected order groups - administration" required
• no super-user login may be used
• the user password must be entered for authorization
• User must not be a member of an administrative group

Job creation and adminstration

Members of the authorized user groups can see the protected group in the job management and are enabled to create jobs here.

Only users who are members of the user group can be assigned to a role in the workflow.