Creating user groups and project security

About this task

You may wish to create and assign users to groups. These groups can be used to allow groups of users to be added to the ALMAdmin record, and to control the visibility of records by the ALMSecurityPolicy records.

Procedure

  1. Click Start > All Programs > > HCL > KATA > Compass User Administration to open the User Administration tool.
  2. Click Group Action > Add Group. Choose a name for your group and enter it in the Name field. In the Users field select the user IDs of the members of this group. Click Add to add them to the Member Users field.
  3. Click OK.
  4. You may wish to create a one or more groups of users who will be added to the ALMAdmin record. Repeat steps 2 and 3 to create each such group. Add the user IDs of users who are permitted to create projects and create and modify records of the following record types that span projects:
    • Category
    • Project
    • ResolutionCode
    • SecurityPolicy
    • Record types whose name includes the suffix Label.
    HCL Compass ALM requires Security Policies (ALMSecurityPolicy records) to control visibility of records associated with projects. You create HCL Compass user groups to control project record visibility based on your organization's policies on sharing information between projects.
    • The simplest policy is to allow everyone to have visibility to all projects. Feature Level 7 has a built-in group named Everyone that may be used for this situation. (Feature Level 6 also has the Everyone group, however, pre-7.1 clients do not support using the Everyone group as a SecurityPolicy. For Feature Levels level 5 and 6 databases, you should create a group or set of groups that include all the users in your organization (but do not name this group Everyone or it will conflict with the built-in Everyone group of feature level 6 and 7). These groups can then be added to one ALMSecurityPolicy that then allows access to all members in your organization.)
    • More complicated security policies create multiple groups of users that have access to only certain projects. Each project then references the appropriate ALMSecurityPolicy that has those groups as members.
  5. Create groups for SecurityContext as follows:
    • All records that reference a project must reference an SecurityPolicy record.
    • An SecurityPolicy record has a name and a reference to a user group.
    • The SecurityPolicy name is set on the History tab for all records except records supplied by HCL Compass packages other than the ALM package.
    • The user ID of everyone who needs to see and work on records associated with that record's SecurityPolicy must be included in the user group associated with the SecurityPolicy referenced by that record type (such as ALMCategory, ALMProject, ALMPhase, ALMIteration, ALMRole, ALMComment, ALMRequest, ALMTask, ALMActivity, BTBuild and ALMWorkConfiguration record types).