PPM Pro is comprised of a variety of entities, such as business units, accounts, programs, projects, reports, requests, to name a few. Users can perform actions on entities, such as creating and editing projects, submitting requests, building and viewing reports, and so on. Not all users require access to all types of entities, nor do they all require the ability to perform the same types of actions.
What entities a user can see and what actions a user can perform on an entity are controlled by permissions. Permissions are determined by one or more of the following:
Permissions and Reports
Remember that there can be layers of permissions. For example, with reports, you need to have permission to see the report source and also have the report shared with you in order to view/edit/delete. To create a report, you just need to have permission on the report source. This is important to remember for Org-level reports; you must be in the Organization standard group (was Organization Admin team) in order to see the Organization report source and report output.
PPM Pro has several user types:
The user type determines some of the user's general level of access to PPM Pro functions. For detailed descriptions, please see User Types/Permissions.
Standard groups give users permission to perform certain actions on all entities of a certain type. For example, a member of the Resources standard group has permissions across all Resources. Standard group memberships determine which specific functions the user can access/perform - you cannot modify the permissions a standard group offers. For a full list of all standard groups and their implied permissions, please see About Groups.
Note that Administrative privileges are granted to Full and Team by membership to the Admin group. Administrators have access to all functions located under the Admin tab. For a full description of the administrative functions, please see About Admin.
Entity teams (often referred to as the "legacy" permissions model) are a way to give users permissions for a specific instance of an entity, like a specific project (as opposed to all projects). All users can be assigned to entity teams throughout PPM Pro. For example, you can assign Ada Lovelace to the team of the XYZProject and give her permission to edit that project - but no other project.
See About Entity Teams for more information.
Profiles are containers of permissions that you configure to grant permissions to users, groups (of users), or units (another collection of users). Profiles can grant global permissions, which apply to all instances of an entity (like a project), or can be used to grant permissions to specific instances of an entity (like MyFinancialProject).
Profile-based permissions currently apply to Projects, Portfolios, Assets, Reports, Dashboards, and Filters. See About Profile-Based Permissions.
If you are using Centralized Staffing, then you will also use this feature to apply resource staffing permissions. See About Centralized Resource Staffing and Creating Staffing Permission Profiles for more information.