Setting access control : System Architect Catalog Manager
  
System Architect Catalog Manager
System Architect Catalog Manager is an optional add-on tool that provides role-based access control to shared encyclopedias. Network or System Architect Administrators use it to control the permissions that users are assigned when they work on encyclopedias, and to control the commands users can run on encyclopedias attached to a catalog.
Typical System Architect users are not required to run System Architect Catalog Manager (SACM) to work on catalogued encyclopedias. It is not required that SACM is running when the catalog has been configured. The catalog, which is an SQL Server database on the same server as encyclopedias, enforces access control on encyclopedias that are attached to it. System Architect users only access the encyclopedia objects and System Architect menus granted to them through SACM.
What is an enterprise catalog?
An enterprise catalog is a SQL Server database that controls user access to other databases on the same server: those other databases are System Architect Enterprise type encyclopedias. Access control is enforced only on encyclopedias you attach to a catalog. The catalog manages the permissions by assigning to users, roles that determine the diagrams and definitions they can work on, and the System Architect menus and macros they can run against encyclopedias.
For more information, see What is an enterprise catalog?.
System Architect Catalog Manager users
For more information, see System Architect Catalog Manager users.
Access control levels
System Architect Catalog Manager provides two levels of access control to encyclopedia objects. The first level, role-based access control (RBAC), controls permission to object types. It is a general level of control that makes no distinction among objects of the same type. If you grant a permission to use case diagrams, then you grant permission to all use case diagrams. Instance Level Access Control (ILAC) provides a higher, more specific level of access control, where you can select different permissions for objects of the same type. For example, you can grant the “read” permission to one use case diagram, and also grant the “write” permission to a different use case diagram.
For more information, see Access control levels.
Encyclopedia types
System Architect Catalog Manager and System Architect distinguish between encyclopedias attached to a catalog and not attached to a catalog. If attached to a catalog, an encyclopedia is of the type enterprise; if not attached, it is of the type professional. There are no structural or functional differences between the types, and they can be changed from catalogued to non-catalogued by attaching or detaching them from a catalog.
For more information, see Encyclopedia types.
Root nodes overview
The System Architect Catalog Manager window contains these nodes.
For more information, see Root nodes overview.
Users & groups
A user is an individual with a name and an audit ID who can be assigned one or more roles on cataloged encyclopedias. A group works the same as an individual user, except that it contains multiple members. A role that you assign to a group is assigned to all members of the group. A group itself can be a member of a different group.
For more information, see Users & groups.
Getting started
For more information, see Getting started.
Instance level access control
For more information, see Instance level access control.
Working with catalogs
For more information, see Working with catalogs.
Permissions
For more information, see Permissions.
Roles
For more information, see Roles.
System Architect Catalog Manager menus
For more information, see System Architect Catalog Manager menus.
Frequently asked questions
What is the System Architect Catalog Manager?
For more information, see Frequently asked questions.
Sample task list for access control
This section contains a sample task list that must be completed to enforce encyclopedia access control to a fictional System Architect user.
For more information, see Sample task list for access control.