GAC Guidelines
- Akash Kumar Jaiswal (Unlicensed)
GAC is an add-on feature of Adeptia Connect. Therefore, you must check if your license supports this feature. Users can contact Adeptia Support for upgrading the license if this feature is unavailable. GAC is based on a role-based permission model.
Implications and guidelines
You can enable or disable GAC in Adeptia Connect. By default, the fresh installation of AC v3.2 or higher has the GAC feature enabled.
Warning and suggestions
- GAC works on a fail-safe mechanism. Therefore, it is highly recommended not to disable this feature if you have created projects and entities using GAC permission model. Disabling GAC with entities created under projects can invite unknown consequences in already running transactions.
- Also, Adeptia Connect does not support restore or reset option to the default settings of pre-GAC setup. Therefore, the user should enable only GAC only if the company has a requirement to manage access to Connect entities for various sets of users.
You can get in touch with Adeptia support in case of any issues.
The following sections help you understand how and what may change if you upgrade from the previous version that has the GAC disabled and you decide to enable it in the upgraded version. You can refer to the documentation on how to enable and work with GAC.
New customers
Those who do a fresh install of Adeptia Connect v3.2 or higher can start working with the role-based permission model from the very beginning as the GAC is already enabled in the application.
Existing customers
The customers upgrading from the previous versions and enabling GAC must adhere to the given guidelines.
- Enabling the GAC changes existing permission model impacting existing entities and activities created in the previous version of Adeptia Connect. Therefore, it is recommended that the user first enables GAC in a non-production environment rather than enabling directly in the production environment.
- After enabling GAC, visibility of existing objects will remain the same because the standard roles (IT/Business/Admin) carry the same permission model.
- Also, the IT/admin users will be able to view option to create project and custom roles features on the UI after enabling the GAC.
Access management
- The access control for IT users’ objects (Templates, Objects from Developer Studio, Process Flows, etc.) is based on Projects, therefore the user should manage all the objects through projects. Once you have enabled GAC, you must create the Project as desired through Projects option on Configure Tab.
- After creating the projects, it is highly recommended to arrange the objects in relevant projects as required.
- While creating any template, you can select the Project, in which you want to create this template.
- Similarly, while creating any other entity i.e. Layout, Mapping, etc., you can define the project, in which you want to create the entity.
- Likewise, the permission of Partner Entities (Networks, Partners, Transactions) will be controlled through Networks.
Role creation
- After creating the projects, the user can create the roles and provide access to relevant projects or networks to specific role types.
- User can define a custom role and assign permissions to the new role as below:
- Can Create Template, Can Invite Partner, etc.
- Manage Project(s) on which the role has access.
- Manage the network on which the role has access.
- After upgrading to v3.2 or higher and enabling GAC, creating a transaction for Partner, the objects will not be filtered based on Partner’s Project. The objects will be filtered based on the project on which the user has permission. You can achieve this by visiting the Projects page in Connect.