Can I control access rights to my models?
Decision Explorer® includes an “undocumented” feature that allows you to control whether users who are given the model can create or edit concepts and links. You can determine the state of the model when it is first loaded, and give additional access rights by using a password system.
The various levels of capability available are as follows:
|Supervisor||The “Normal” mode used if you don’t take any action. Full access, able to fully edit the model, and to change access control settings.|
|FullControl||Able to fully edit the model and add/edit users, but not change access control settings.|
|FullAccess||Able to fully edit the model, but not change access control settings.|
|DelPrev||Able to add new concepts and links, and to edit and delete concepts and links which were made in the current or previous “session” (ie concepts that are listed by the LN command). Thus concepts can be created and corrected, but “after a while” they become unchangeable.|
|DelSession||Able to add new concepts and links, and to edit and delete concepts and links which were made in the current “session” (ie concepts that were added since loading the model). Thus concepts can be created and corrected, but once saved (and closed) they are unchangeable.|
|AddPrev||Able to add new concepts and links, and to edit concepts and links which were made in the current or previous “session” (ie concepts that are listed by the LN command). Thus concepts can be created and corrected, but “after a while” they become unchangeable.|
|AddSession||Able to add new concepts and links, and to edit concepts and links which were made in the current or previous “session” (ie concepts that were added since loading the model). Thus concepts can be created and corrected, but once entered they are fixed.|
|ReadOnly||Concepts and links can be fully viewed and analysed, but nothing new can be added to the model. Note that select boxes in this mode are always “solid”, not dashed.|
|None||No concepts or links can be seen. This is primarily aimed at being the starting level, since a model with this level of access is NOT secure. Anyone can see the actual text using a file dump utility.|
A model always starts in supervisor mode, and any passwords specified have no effect until a supervisor password is set using the setsuper command.
A model can have two user passwords, each with a different access level. This allows the supervisor to give different access to different groups of users. For instance, the local facilitator can have FullAccess when needed, but client users only have ReadOnly access.
Further, a model has a starting access level, allowing any level to be active when it is first loaded. This allows a facilitator to set the model in a suitable mode without the client user having to enter a password (or even know a password is available).
The commands available are as follows: (<password> should be a single word.)
|login <password>||Compares the model passwords with that specified, and sets the appropriate access level. This only has an effect when access control is enabled.|
|newpass <password> <level> [<which>]||Changes one of the two passwords available in the model. The <level> parameter should be one of the words listed in the above table. If <which> is not specified, then password 1 is set. Otherwise it should be 1 or 2. These may be set before access control is enabled. Only available when currently at supervisor level.|
|superpass <password>||Enables access control, storing the <password> to enable later modification of access levels. The model must be saved for access control to be permanently stored. Only available when currently at supervisor level. Do not forget this password!|
|stdlevel <level>||Sets the standard access level, which is set when an access controlled model is loaded. The <level> may be any of the words listed above. Only available when currently at supervisor level.|
|logout||If access control is enabled, this command sets the current level to the standard level.|
|nopassword||Removes access controls from the model. Only available when currently at supervisor level.|
Note: In the case of loss of passwords, particularly the supervisor password, it will be necessary to return the model file to Banxia Software to be changed. Contact firstname.lastname@example.org for details of the cost.
Can you show a typical session?
For an example, we will assume that we want to give a model to a group of people. Most people are to be allowed to view the model to see what the current thoughts are but they are not to be able to edit it. Some of them (the editors) are to be allowed to edit it too, to add their thoughts. We will allow them to edit only concepts they add in the same session (since loading the model this time). We will enter the following commands to prepare the model for use:
|stdlevel readonly||Set the starting mode to be read-only.|
|newpass london delsession 1||Set up one of the passwords to be “london” with the ability to create concepts and delete those entered in the current session. (The other password is not set, so it will remain dormant.)|
|superpass consult||Set the supervisor password to “consult”. Do not forget this password! This activates the security system, but you are still in supervisor mode. Use “Logout” to test the model.|
The model can now be saved and put on the server for the group to use. You will probably want to turn on the name facility, and auto-prompting, so that sharing works better. When a user loads the model, it will be in read-only mode, which is how we want most people to use it. When one of the editors wishes to add to the model, they simply enter the password:
|login london||Enter the password to be able to add to and edit the model. (The actual rights are determined by the supervisor earlier.|
Concepts may now be entered and edited. When finished, simply close the model – a specific logout is not needed unless you want to leave the model with someone in read-only mode.
Logging in using the supervisor password will allow you to change any aspect of the model. If you are at the computer of one of the group who you are restricting, then you will want to use the logout facility to return to the default mode (or login using another password).
How do I remove access control?
If you wish to remove password control from the model you must login as the supervisor, and then use the nopassword command. Make sure you save the model after doing this.
|login consult||Log in as the supervisor|
|nopassword||Remove access control|
Is password control secure?
This systems is designed to help people manage who can edit models co-operatively. It is not designed to provide tough security, and it is not “bulletproof” – an export user can work round some of the restrictions. It is however a useful tool to help groups manage the workflow associated with models.