Can I control access rights to my models?
Decision Explorer® includes an "undocumented" feature that allows you to control whether users who are given the model can create or edit concepts and links. You can determine the state of the model when it is first loaded, and give additional access rights by using a password system.
| Supervisor | The "Normal" mode used if you don't take any action. Full access, able to fully edit the model, and to change access control settings. |
| FullControl | Able to fully edit the model and add/edit users, but not change access control settings. |
| FullAccess | Able to fully edit the model, but not change access control settings. |
| DelPrev | Able to add new concepts and links, and to edit and delete concepts and links which were made in the current or previous "session" (ie concepts that are listed by the LN command). Thus concepts can be created and corrected, but "after a while" they become unchangeable. |
| DelSession | Able to add new concepts and links, and to edit and delete concepts and links which were made in the current "session" (ie concepts that were added since loading the model). Thus concepts can be created and corrected, but once saved (and closed) they are unchangeable. |
| AddPrev | Able to add new concepts and links, and to edit concepts and links which were made in the current or previous "session" (ie concepts that are listed by the LN command). Thus concepts can be created and corrected, but "after a while" they become unchangeable. |
| AddSession | Able to add new concepts and links, and to edit concepts and links which were made in the current or previous "session" (ie concepts that were added since loading the model). Thus concepts can be created and corrected, but once entered they are fixed. |
| ReadOnly | Concepts and links can be fully viewed and analysed, but nothing new can be added to the model. Note that select boxes in this mode are always "solid", not dashed. |
| None | No concepts or links can be seen. This is primarily aimed at being the starting level, since a model with this level of access is NOT secure. Anyone can see the actual text using a file dump utility. |
A model always starts in supervisor mode, and any passwords specified have no effect until a supervisor password is set using the setsuper command.
A model can have two user passwords, each with a different access level. This allows the supervisor to give different access to different groups of users. For instance, the local facilitator can have FullAccess when needed, but client users only have ReadOnly access.
Further, a model has a starting access level, allowing any level to be active when it is first loaded. This allows a facilitator to set the model in a suitable mode without the client user having to enter a password (or even know a password is available).
| login <password> | Compares the model passwords with that specified, and sets the appropriate access level. This only has an effect when access control is enabled. |
| newpass <password> <level> [<which>] | Changes one of the two passwords available in the model. The <level> parameter should be one of the words listed in the above table. If <which> is not specified, then password 1 is set. Otherwise it should be 1 or 2. These may be set before access control is enabled. Only available when currently at supervisor level. |
| superpass <password> | Enables access control, storing the <password> to enable later modification of access levels. The model must be saved for access control to be permanently stored. Only available when currently at supervisor level. Do not forget this password! |
| stdlevel <level> | Sets the standard access level, which is set when an access controlled model is loaded. The <level> may be any of the words listed above. Only available when currently at supervisor level. |
| logout | If access control is enabled, this command sets the current level to the standard level. |
| nopassword | Removes access controls from the model. Only available when currently at supervisor level. |
Note: In the case of loss of passwords, particularly the supervisor password, it will be necessary to return the model file to Banxia Software to be changed. Contact info@banxia.com for details of the cost.
Can you show a typical session?
| stdlevel readonly | Set the starting mode to be read-only. |
| newpass london delsession 1 | Set up one of the passwords to be "london" with the ability to create concepts and delete those entered in the current session. (The other password is not set, so it will remain dormant.) |
| superpass consult | Set the supervisor password to "consult". Do not forget this password! This activates the security system, but you are still in supervisor mode. Use "Logout" to test the model. |
| login london | Enter the password to be able to add to and edit the model. (The actual rights are determined by the supervisor earlier. |
Concepts may now be entered and edited. When finished, simply close the model - a specific logout is not needed unless you want to leave the model with someone in read-only mode.
Logging in using the supervisor password will allow you to change any aspect of the model. If you are at the computer of one of the group who you are restricting, then you will want to use the logout facility to return to the default mode (or login using another password).
How do I remove access control?
| login consult | Log in as the supervisor |
| nopassword | Remove access control |
Is password control secure?
This systems is designed to help people manage who can edit models co-operatively. It is not designed to provide tough security, and it is not "bulletproof" - an export user can work round some of the restrictions. It is however a useful tool to help groups manage the workflow associated with models.
