SpecLink: The Next Generation, Part IV

This is the fourth article in a series describing the functionality expected to be included in BSD’s forthcoming next generation release of the SpecLink product. You can read previous articles by visiting the BSD website at www.bsdsoftlink.com/linkline/current/linkLine_archives.htm. BSD is spending hundreds of thousands of dollars on this next generation initiative to update our technology and support our rapidly growing customer base with improved and extended functionality. Previous articles discuss the rationale behind this initiative and BSD’s most important goals in embarking on this development effort. They also discuss the new user interface, new installation and updating technologies, and E’s connected and disconnected operation in a network environment. The most recent article describes BSD’s approach to achieving meaningful interoperability between CAD, cost, and specifications applications.

In this article we want to talk about how use of the system is controlled and how users can be managed within that system— how they can be authenticated and authorized when and where it is important to do so. Note that until the product is released there can and probably will be changes to the features and functionality described herein. This article describes the current design intent and development effort.

Use of the SpecLink-E (SLE) system is affected by licensing and user role assignment. One way to look at this breakdown is that licensing provides BSD’s mechanism for controlling use of the software and documents, and user roles provide your mechanism for controlling use. This article is about role management but let’s first talk a little about licensing.

Licensing determines operating mode and access rights. Access rights determine the groups of documents or sections (catalogs) that the user is allowed to access and operating mode determines the type of access. There are three operating modes that are currently applicable: Evaluation Mode, Review Mode, and Subscription Mode.

The Evaluation mode is enabled by the lack of any license. The Review mode allows the user read-only access to the documents for which you have a license but does not increment the concurrent user count. Subscription mode allows read-write access to all catalogs for which the customer is licensed and increments the concurrent user count by one for each user.

As we start to talk about user roles, we want to make it clear that the implementation and use of user roles is not mandatory. In fact, SLE defaults to a configuration that does not require user role assignments. All users are essentially system administrators and have access to all system functionality. However, once you check the box to enable security, and assign the role of System Admin to one or more users, no other user can access the system until and unless they are specifically identified and assigned a role by a System Admin.

There are six roles that can be set by the system or assigned by the System Admin:

• Evaluation User (EVL)
• Reviewer User (REV)
• Standard User (USR)
• Expert User (EXP)
• Project Admin (PAD)
• System Admin (ADM)

Note that a System Admin does not have to be someone with Windows administrator rights. In this article, Admin refers to a user whose role in SLE is System Admin (ADM) and Windows administrator refers to someone with administrator rights on the Windows network.

The Reviewer User has read-only access throughout the system and does not have access to certain commands. The Reviewer User role does not add to the concurrent user count. The Evaluation User role is forced by the Evaluation Mode (essentially set by the lack of any license). This role cannot print or export documents, does not have access to certain commands, and is limited by access rights to only a few documents.

The Standard User (USR) role prepares documents for publication and has access to all functionality not identified as specific to other roles. The Expert User has the ability to add, modify, and delete the following items while the Standard User cannot:

• Links
• Choice Fields
• Global Terms
• Document Templates
• Styles

There are two levels of role management: system level and project level. The system level determines the user’s ability to access the system and system level commands. It is also used as the default if project level roles are not specified. When system level security is enabled, it is possible to enable role management separately for each project. That is, a System Admin can enable role management for a given project and assign a Project Admin role to a user on a project by project basis.

The accompanying figure displays the Set Project Roles dialog. The Project Admin has the ability to specify users and roles that apply to that project independent of all others. Using project level security, a user can be given Expert read-write access to one project but not have any access to a second project. Another user might be given a Reviewer role for a given project without any ability to edit the project.

A user’s access for a given project can also be limited to certain catalogs (groups of documents or specification sections) such as the architectural catalog or the civil catalog. And a Project Admin has the ability to create a project-level catalog (grouping of documents) and limit a user’s access to only the documents contained in that catalog on this project.

SpecLink-E incorporates the experience we’ve gained over the past decade and more, working with thousands of users. We welcome your feedback as well, as we move the product toward completion. Our measuring stick will be your productivity and the quality of your specifications, and we will not call SpecLink-E complete until we’re completely confident we can measure up. Nevertheless, we look forward to completing this year, and to working with you to make your transition to SpecLink-E as seamless, as effortless, as possible.