Security

For a detailed explanation of the security concepts implemented by openCRX you should consult the openCRX Security Guide. One of the basic security decisions you typically have to make is whether you want an activity tracker and all its related objects to be accessible by all users or whether you want to restrict access to the participants of an activity tracker. The former are called public activity trackers (i.e. all openCRX users have access), the latter are called private activity trackers (i.e. only participants have access).

• Public Activity Trackers

  If you create a new activity tracker it is public by default so that all openCRX users have access to the activity tracker and its related objects; the list of Owning Groups of a public activity tracker contains the User Group <SegmentName>\\Users, e.g. Standard\\Users, as shown in the figure below:

  Figure 4-11. Owning Group of a public Activity Tracker

  

  enlarge

• Private Activity Trackers

  To make an activity tracker private, you simply add the appropriate User Group to the list of Owning Groups and then remove the Owning Group <SegmentName>\\Users. Please note that only administrators have permission to create User Groups and assign Users to User Groups. The figure below shows the list of Owning Groups of a private activity tracker.

  Figure 4-12. Owning Group of a private Activity Tracker

  

  enlarge

If you work with private activity trackers it is strongly advised that you make use of the provided operations to create new activities, to assign activities to activity trackers, etc. because these operations ensure that all the permissions on all the created objects are set correctly.