Permissions and Functional Scopes
To avoid having to define access rights for each individual user, you can use a Functional Scope to specify the general access rights and context menu commands for project groups (administrator, project manager, tester, etc.) for a project. The advantage is that you can quickly and easily manage permissions and offer the corresponding context menu commands for a larger number of users. The functional scope are later assigned to the project groups, so that all project users assigned to this group receive the defined access rights from the functional scope.
Example: You have different areas in the project, such as project manager and tester. Both groups have different tasks and authorities. Accordingly, both groups need their own functional scope. In each functional scope, you restrict the access rights to the stereotypes that are to be created, changed, deleted and displayed and at the same time specify which actions and commands may be executed.
The general access rights of the functional scope can be extended with the help of permissions. If packages can basically be created, edited and deleted in a project, there may be packages that contain data that should not be available or only be available to selected user. Then you can use permissions to define which persons and project groups have access rights. You set permissions for specific packages, queries, views, and directories.
If you want to restrict the permissions further, you can also define permissions for state transitions. This enables you to define authorizations that only certain persons and project groups are allowed to change, for example, the status.