fli - Wednesday, January 21, 2015 4:23 AM:
DavidSpackman - Friday, February 6, 2015 8:38 AM:
I agree this is a risk,
It is also possible for users to use the export tool to access your datamodels and packages.
Dave
kentonv - Friday, February 20, 2015 5:10 PM:
This is true, but only for data & items which they have access to through the permission model and client. It would be more time consuming, but the user could also search for those items, and copy/paste the data into another format with the same results. It would also be possible to query the information through the Aras client, and capture the responses through a tool like 'Fiddler', then parse those to get the same results. I think this would be possible using most PLM solutions/clients.
I am not sure there is a security risk if a user already has access to the data through the client, just not as fast a way to take advantage of it.
kentonv - Friday, February 20, 2015 5:12 PM:
David:
The import/export tool requires access to the 'Package Definition' itemtype. If you are worried about that access, you could change the permissions for that itemtype, and the export tools would be unusable for this purpose.
DavidSpackman - Friday, May 1, 2015 1:33 AM:
Thanks Kenton. Good tip.