Skip to end of metadata
Go to start of metadata

Team Server is now called HoriZZon Server. While the new name is being implemented in the software and on BiZZdesign Support, the old name may still be visible in places until the process has been completed. For more information, please refer to Team Server is now HoriZZon Server .

Document definitions and documents are now called data block definitions and data blocksWhile the new name is being implemented in the software and on BiZZdesign Support, the old name may still be visible in places until the process has been completed.


Different roles can be distinguished for users collaborating on model packages and projects in Enterprise Studio, working with HoriZZon, and working on the HoriZZon Server administration (users, groups, and packages) in HoriZZon. A role determines the user's permissions, and also which information in HoriZZon is visible to the user. Roles can be linked to individual users and to groups of users. A user or group can be assigned a single role, but also multiple roles.


On this page:


Types of roles

The following roles can be distinguished: Consumer, Contributor, Designer, Lead Designer, Administrator, and System Administrator. There is a dependency between the Designer and Lead Designer role, and between the Administrator and System Administrator role. A user who has the Lead Designer role, automatically also has the Designer role. A user who has the System Administrator role automatically also has the Administrator role. The Contributor role stands in its own. The Consumer role is the minimum required role for access to HoriZZon. A user who has the Contributor, Designer or Lead Designer role, automatically has the Consumer role.

Globally the roles offer the permissions as shown below. If a user is not assigned any of these roles, the user only has access to his or her personal details page.

The System Administrator role is not available in a hosted HoriZZon Server. This means that the HoriZZon Server administration settings are not available in a hosted HoriZZon Server, except the license information page. It is accessible for Administrator users.

Role

Location

Consumer

HoriZZon:

  • View sites that have been shared with him or her.
  • Inspect objects and relations in a site.
  • Explore object relations in a site.
  • Set views and properties as favorite.
  • Generate viewpoints on views.
  • View dashboards that have been shared with him or her.
  • Start workflow requests based on the default workflow.
  • View data blocks in sites.
Contributor

A Contributor has the permissions of a Consumer, plus the following.

HoriZZon Server:

  • Edit data blocks in model package data entry page (if enabled).

HoriZZon:

  • Perform workflow tasks.
  • Terminate own workflow requests.
  • Start workflow requests based on custom workflows.
  • Edit data blocks in sites.
  • Perform data tasks.

Designer
 
 

A Designer has the permissions of a Consumer, plus the following.

Enterprise Studio:

  • Track progress of model packages
  • Share model packages and projects he or she is are contributing to with others, and set access permissions.
  • Contribute to shared model packages and projects the user is invited to.
  • Commit own contributions.
  • Apply contributions from a project to its master model package (if invited to both).
  • Update a project with contributions from its master model package (if invited to both).
  • Create custom workflows (definitions).
  • Create and upload data block definitions.

HoriZZon Server:

  • Invite users and groups to model packages and projects he or she is contributing to, and set access permissions.
  • Manage access to model packages and projects he or she is contributing to.
  • View all model packages and projects he or she is invited to.
  • Remove own claims on model packages he or she is contributing to.
  • View all users and groups.
  • Edit own user name on the user page.
  • Revoke own invitations to model packages and projects he or she is contributing to.

HoriZZon:

  • Start workflow requests based on custom workflows.

Lead Designer

A Lead Designer has the permissions of a Designer, plus the following.

Enterprise Studio:

  • Create model packages and projects and save them on the HoriZZon Server.
  • Open and edit metamodels in the Metamodeler.
  • Migrate model packages to a new configuration.
  • Upload custom workflows (definitions) to HoriZZon.

HoriZZon Server:

  • Set up data policies and data maintenance for data blocks.

HoriZZon:

  • Create sites.
  • Edit and delete own sites.
  • Edit and delete other users' sites, if invited to the model package or project the site is based on.
  • Edit and delete workflows.
  • Add and share dashboards.

Administrator

HoriZZon Server:

  • View all users, groups, model packages and projects available in the HoriZZon Server.
  • Add users and groups.
  • Edit user, group, model package and project info (name, description, e-mail address).
  • Invite users and groups to model packages and projects, and set access permissions.
  • Manage access to model packages and projects.
  • Revoke invitations to model packages and projects for users and groups.
  • Remove users and groups.
  • Remove model packages and projects.
  • Remove claims on model packages of any user.
  • View license settings.
  • Add API clients.

HoriZZon:

  • Terminate workflow requests (all requests).
  • Manage workflows (edit, delete).
  • End other users' Enterprise Studio Online session.

System Administrator

A System Administrator has the permissions of an Administrator, plus the following: 

HoriZZon Server:

  • Edit HoriZZon Server identification details.
  • Edit HoriZZon Server e-mail configuration.
  • Activate license and view license settings.
  • Configure user authentication and single sign-on with LDAP, Azure AD, or another organizational account.
  • View the HoriZZon Server audit log.

Role assignment

The roles of a user or group are shown in the Info section on the overview page of the user or group. An icon next to a role indicates whether the role is assigned  or not . The role assignment of an individual user also indicates whether the role has been assigned directly to the user or via one or more groups, or both.



Roles can be assigned via the User or Group section on the manage page of the user or group, by selecting the checkboxes next to the roles. Roles can only be assigned by Administrator or System Administrator users.

The System Administrator role can only be assigned by a user with the System Administrator role, it is not available for an Administrator user.

Individual permissions versus group permissions

Role(s) assigned directly to a user give the user individual permissions. If groups have been defined, role(s) assigned to a group give all users in that group these permissions. The participation of a user in a group may result in different combinations of permissions for the user. Not only the user's individual permissions are shown, but also the permissions inherited from the group(s) the user is part of.

If you click the "via groups" link next to a role, the groups are shown. Clicking a group will open the group page.



Example 1

A user has directly been assigned the Designer role. The user is also part of a group that has been assigned the Lead Designer role. The user's permissions will look as follows:



Since the user's role inherited from the group includes more permissions than the individually assigned role, the user also has the permissions from the Lead Designer role. The Consumer role automatically comes with the assigned Designer role and Lead Designer role.

Example 2

A user has individually been assigned the Lead Designer role. The user is also part of a group that has the Designer role. In this situation, the individual permissions overrule the group permissions. The Consumer role automatically comes with the assigned Designer role and Lead Designer role. The user's permissions will look as follows:


Example 3

A user has individually been assigned the Administrator role. The user is also part of a group that has the Consumer role. The user's permissions will look as follows:



Since the user's individual role has other types of permissions than obtained via the group, the user not only has Administrator permissions, but also Consumers permissions.

User roles and inviting people for model packages and projects

Only users with the Lead Designer or Designer role can contribute to model packages and projects they have been invited to in Enterprise Studio. If there is no limitation set on inviting people, any person can be invited. If the invitee is an existing user or group without a designer role, this user or group will automatically be assigned the Designer role. If the invited person is new and does not yet exist in the HoriZZon Server administration, this person will also automatically be assigned the Designer role once he or she has registered with the HoriZZon Server.

If inviting users is limited to only existing users and groups, it is not possible to invite users who do not have the Lead Designer or Designer role. They must already have this role to be invited.

User roles and license seats

The different user roles are related to the seats from your Enterprise Studio license. Different roles take different license seats. The number and type of seats in your license determine which roles can be assigned to users and to how many users. For more information, please refer to About BiZZdesign license seats and their availability.

Group manage permissions

In addition to assigning roles, users can be granted group manage permissions to further delegate administrative tasks in the HoriZZon Server. The permissions can be granted to one or more members of a group. For more information, please refer to Granting users group manage permissions.