Controlling access to project files
DPM stores access control information for projects, activities (applications), and activity features. DPM filtering provides a view of collections that shows only those objects that the logged in user has permission to see.
Project files
All user file access is through the Files activity or various other activities that all use the File Management component to control access. The activity shows only those files in the User and Shared areas for the specific project. Only a user with permission for the Files activity and the project can move or delete files.
Participant records
Access to sample database servers (participant records) is protected through the
SampleMgtGUI.Config.xml file installed by default in [INSTALL_FOLDER]IBM\SPSS\DataCollection\<version>\Interviewer Server\FMRoot\Shared\Config. The name and location of this file are stored in the SampleMgtConfigFile site property in DPM. For more information, see
Controlling access to sample data.
Sample management scripts
Sample management scripts run as the UNICOM Intelligence Interviewer - Server Admin Running User that you created before installing UNICOM Intelligence Interviewer - Server Admin. This user must have Administration privileges, which means that the sample script has wide access to the whole system. Sample management script writers can use CreateObject to create COM objects which they can then use in the script. This means that the sample management script has access to the file system as an administrator.
(CreateObject can also be used to create ADO objects and access databases.)
The Running User must also have access to all respondent, sample, and quota data, as well as access to databases that UNICOM Intelligence Interviewer - Server Admin uses internally.
Only trusted users should be given access to activities that allow editing of sample management scripts. These activities are Activate and EditSampleScript.
Access to sample management scripts in the Launch activity is protected through the Interview.Config.xml file, which is normally in:
[INSTALL_FOLDER]IBM\SPSS\DataCollection\<version>\Interviewer Server\FMRoot\Shared\Config
The name and location of this file are stored in the InterviewConfigFile site property in DPM. For more information, see
Controlling access to sample management scripts.
Quota information
Access to quota databases is not currently restricted. You should restrict access to the Quota program that accesses quota information.
Respondent data
Respondent data is held in project-specific tables in the UNICOM Intelligence Interviewer - Server Admin Data database. Access to respondent data can be controlled by setting specific permissions on the activities that use respondent data. These activities are:
▪Project Editor. The New and Edit menu items allow users to set up or change the properties used to connect to a database.
▪Status. Allows users to view status information about a project, such as the current counts of active and completed interviews.
▪Export Data. Allows users to export respondent data.
▪Survey Results. Allows users to view respondent data by creating simple tables.
▪UNICOM Intelligence Reporter. Allows users to view respondent data in detail using a tool that provides full tabulation facilities.
The SQL tables that store the respondent data are not protected. You need to handle the security on these databases through the UNICOM Intelligence Interviewer - Server Admin group that was set up during installation. Only users who need access to data in order to activate projects or view data should be members of that group.
There is currently no simple method of setting different permissions for individual databases.
See also