Terms/Legend
Admin: user assigned to the admin role
BC: business context
CtxCat: context category
CtxSch: context scheme
CtxSchVal: context scheme value
BIE owner: the user specified as a BIE's owner
manage [x]: create, edit, or delete [x]
N/A: not applicable
←→: association
...
manage context: manage BCs, context categories, or context schemes (including context category values)
←→: association
: no user (not even admins)
: User action is applicable to an on-prem instance (just a visual cue)Status colour Purple title oP
: User action is applicable to a multi-tenant instance (just a visual cue)Status colour Green title mt
Authorization table
| Info |
|---|
The permissions authorization indicated in the “On-prem instance” column reflect Score Score’s current behavior (pre-multi-tenant) behavior. |
| 1 |
| PermissionsAuthorizations | Notes|||||||||||||||
| 2 | On-prem instance | Multi-tenant instance | Create BIE where all BCs are available |
|
| Create BIE in BC associated with tenant |
| ||||||||||
| 3 | Manage user
| Admin | Admin | ||||||||||||||
| 4 | Manage tenant
|
| Admin | ||||||||||||||
| 5 | Manage user←→tenant
|
| Admin | ||||||||||||||
| 6 | Manage BC←→tenant
|
| Admin | ||||||||||||||
| 7 | Create BIE
| Any user1 | Any user associated with thea tenant | This includes an initial association to a BC where the BC options are limited to the user’s tenancy. | Manage CtxCat, CtxSch, CtxSchVal, BC 2,3 | ||||||||||||
| 8 | Manage BC←→BIE
| BIE owner3 | BIE owner2,3 | ||||||||||||||
| 9 | Manage context
| Any user | Admin | ||||||||||||||
| 10 | Create tenant |
|
| Manage user ←→ tenant |
|
| Manage BC ←→ tenant |
|
| Create user |
| Admin Transfer ownership of BIE
| |||||
Manage BC ←→ BIE |
|
| This does not include an initial association to a BC on BIE creation. | ||||||||||||||
| BIE owner | BIE owner5 | |||||||||||||||
| 11 | Manage modules
| Any user |
| ||||||||||||||
| 12 | Manage Core Components4
| Developer |
| ||||||||||||||
| 13 | Make BIE reusable
| BIE owner |
| ||||||||||||||
| 14 | Create ABIE extension locally
| BIE owner |
| ||||||||||||||
| 15 | Create ABIE extension globally
| BIE owner |
| ||||||||||||||
1All BCs are available to the user.
2The BCs available to the user are limited by their tenancy. Users not associated with a tenant cannot create a BIE since they would not be able to assign a BC on BIE creation (all the BCs would all be filtered out). However, it would make sense to alert the user, perhaps on login, that they can’t do anything useful in Score until they have been assigned to a tenant.
3Note that Admins have no special authorization in this case.
4To be precise, Developer can manage CCs in Working Branch but end user cannot. End user can manage end-user CCs in Released Branch.
5Users to whom the BIE ownership may be transferred are limited to users associated with tenants associated with BCs associated with the BIE (other than the current owner — doesn’t make sense for an owner to transfer ownership to themself).