Setup Actions

• Create action sets
• Delete action sets
• Add actions to action sets
• Remove actions from action sets

Note: The 'System Administration' privilege should only be given to trusted system administration users. 

Ability to access the STEP System Administration pages from the Start Page

Ability to view the System Setup Log and Workspace Log (available from View > Logs in the workbench) and the Log tab (available in the editor on most System Setup objects). Without this privilege, the System Setup Log option in the View > Logs menu is grayed out, and the Log tab is not visible on System Setup objects.

Controls if a user is permitted to change an Asset Importer configuration.

Set dimension dependency of asset object types:

• Add dimension to asset
• Remove dimension from asset

Ability to push assets from within the Tree

Ability to add to and create attributes in attribute groups

Note: The 'Create product attribute' action must also be added before users can add attributes to attribute groups.

Ability to create attribute groups

Note: The action 'Modify name/description of attribute group (also translate)' must also be added before users can create attribute groups.

Ability to create attributes

• To create attributes, the actions 'Add attribute to attribute group' and 'Modify definition of product attribute (domain and default unit)' must also be added.

• To create LOV attributes, the actions 'Create domain' and 'Modify definition of domain (validator, etc.)' must also be added.

Ability to delete attribute groups

Ability to delete attributes

• To delete attributes, 'Delete attribute' global privilege must be added.
• To delete LOV attributes, the action 'Delete domain' must also be added.

Create a validation template (validation base type) for attributes and LOVs

Ability to remove (unlink) attributes that are linked to other attribute groups as well as add attributes to a group.

Ability to merge attributes

• Set and edit the validation base type of attributes
• Edit the type of attributes (specification and description)

• Modify filters on LOV attributes.

Note: The 'Create product attribute' action must also be added in order to set validation of attributes.

Edit the dimension dependencies of attributes

• Edit values of description attributes linked to attributes
• Translate description attribute values linked to attributes

• Edit the name of attribute groups
• Translate the name and values in attribute groups

• Edit names of attributes
• Translate name and values in attributes

Note: The 'Modify name/description of domain (also translate)' action must also be added in order to create LOV attributes.

Set which object types the attributes should be valid for.

Ability to view attributes

Ability to view attribute groups

The 'View attribute group' action must be added for users to maintain attributes.

View values of description attributes linked to an attribute

Delete queued, started, and ended background processes

In workbench, while displaying other users' processes via the show all button () , the user can view and download files from background processes started by any other user.

In Web UI, the user can view and download files from the background processes they started.

For users without this privilege:

• in the workbench, the show all button () on the BG Processes tab is disabled (For details, see the BG Processes Displayed section in the BG Processes Tab topic of the Getting Started / User Guide documentation here.)
• in the workbench and Web UI, processes started by other users are not visible
• no IIEPs, OIEPs, and event queues are visible (Gateway integration endpoints are visible since they do not have associated background processes.)

Grants all privileges for change packages, including creation of a change package, deletion, Start Impact Report, Updates, and Seal Package.

Create and delete dimensions, dimension points, and contexts

• Create new keys
• Edit existing keys
• Activate, deactivate, check, and delete keys

• Create new value generator
• Edit value generator
• Run value generator

Update locked attribute values used in unique keys

Create, maintain, and delete 'Match Codes and Matching Algorithms' and maintain deduplication configuration options

• Set up or delete an Event Processor
• Enable an Event Processor
• Disable an Event Processor
• Purge events
• Publish events

Add, modify or to delete event queues. Removal of this action hides the Event Queues root in System Setup.

Create a GDSN Data Pool Publisher for publishing products to the GDSN. This is the action required to use the Easy setup of GDSN Component Model.

Create a GDSN Data Pool Receiver for receiving products from the GDSN

Create GDSN recipient(s)

Create GDSN subscriptions

Delete a GDSN Data Pool Publisher

Delete a GDSN Data Pool Receiver

Delete GDSN recipient(s)

Delete GDSN subscriptions

Maintain GDSN subscriptions

Modification of the GDSN Data Pool Publisher metadata

Modification of the GDSN Data Pool Publisher name

Modification of the GDSN Data Pool Receiver metadata

Modification of the GDSN Data Pool Receiver name

Modification of the GDSN Data Pool Recipient metadata

Modification of the GDSN Data Pool Recipient name

Modification of GDSN Subscription metadata

Modification of the GDSN Subscription name

View the GDSN Data Pool Publisher data

View the GDSN Data Pool Publisher metadata

View the GDSN Data Pool Receiver data

View the GDSN Data Pool Receiver metadata

View the GDSN Recipient data

View the GDSN Recipient metadata

View the GDSN Subscription data

View the GDSN Subscription metadata

Configure and maintain derived events. If Maintain Derived Event Types is disabled, there is no option to add one.

Create, delete, enable, disable, and invoke integration endpoints. Users must also have the privilege 'View Integration Endpoint' in order to maintain an integration endpoint.

• Create and delete reference types and product to classification link types
• Modify reference types and product to classification link types
• Apply description attributes to link types
• Set dimension dependencies of link types

Note: In order to apply description attributes to link types, these actions are also needed:

• View attribute
• View attribute group
• Modify valid (node) types for product attribute

Ability to create LOVs

Note: The actions 'Modify name/description of domain (also translate)' and 'Modify definition of domain (validator, etc.)' must also be included in order to create LOVs.

Create values in LOVs where users are not allowed to add values ('hard' LOVs)

Create values in LOVs where users are allowed to add values ('medium' LOVs)

Ability to delete LOVs

Delete values in both types of LOVs:

• Where users are not allowed to add values ('hard' LOVs)
• Where users are allowed to add values ('medium' LOVs)

Create and delete LOV groups

Ability to merge LOVs

Merge values in both types of LOVs:

• Where users are not allowed to add values ('hard' LOVs)
• Where users are allowed to add values ('medium' LOVs)

Set and edit the validation base type of LOVs

Note: The 'Create domain' action must also be added in order to set validation of LOVs.

Edit the dimension dependencies of LOVs

• Edit name of LOVs
• Translate names and values in LOVs

Edit values in both types of LOVs (including the privilege to translate):

• Where users are not allowed to add values ('hard' LOVs)
• Where users are allowed to add values ('medium' LOVs)

Ability to view LOVs

Note: The 'View domain' action must be added in order to maintain LOVs.

View values of description attributes linked to an LOV

Create a data container type

Create an Entity Root and object type. Example: Completeness Metric

Create a Setup Group Root from Maintain > Insert > Setup Group Root...

Ability to maintain options under the System Setting tab located on the 'Users & Groups' node in System Setup.

• Create object types
• Delete object types

In order to link attributes to object types, these actions are also needed:

• View attribute
• View attribute group
• Modify valid (node) types for product attribute

View a data container type

View an Entity Root and object type. Example: Completeness Metric

Deprecated

Ability to delete contents of the Recycle Bin. In case the Recycle Bin contains objects that exist in more than one workspace, users must also have the 'Force Delete and Purge' action enabled in order to remove those objects.

Ability to force purge objects that exist in more than one workspace and objects with events triggered. The action enables the 'Force Purge' button in the Empty Recycle Bin background process and the 'Force Delete and Purge' action in the Maintain menu.

Ability to delete obsolete revisions:

• Single revisions
• Specified range of revisions, global purging

Allows users to run reports (including starting a reports background process) from File > Reports in the workbench. Without this privilege, the Reports option in the workbench File menu is grayed out.

Ability to maintain table settings on table types, row types, column types, rules / line styles, and colors.

Allows users to view tables and table types.

• Maintain style tags, special characters, character tags, footnotes, and hyperlinks
• Maintain tag groups

Use tags in the rich text editor, table editor, and in table transformations.

To restrict certain users to using certain tags, you must create a tag group that contains these tags and link this tag group into an attribute group. In the User Group editor, the attribute group is applied together with the action set that contains the 'Use tag' action. Users belonging to the user group will only be allowed to use the tags in the tag group linked into the attribute group.

• Create unit groups, units, and unit conversion rules
• Edit unit groups, units, and unit conversion rules
• Delete unit groups, units, and unit conversion rules

Ability to view units. This is used when linking units to attributes.

Note: The 'View unit' action must be included in order to use the 'Maintain units' action

• Create privilege rules for user groups
• Edit privilege rules for user groups
• Delete privilege rules for user groups

Note: In order to maintain privilege rules, the action 'Maintain action sets (create, delete, add to, remove from)' is also needed.

• Create users and user groups
• Duplicate and copy users and user groups
• Delete users and user groups

Ability to change and reset user passwords

Limits whether or not a user can share their user configured views in Web UI.

Ability to access Web UIs on the system. Access to specific Web UI instances can be granted if a Setup Group is defined in the user (group) Setup Privileges, otherwise, this action allows access to ALL Web UI instances on the server.

Ability to impersonate another user for Web UI support purposes

Access to modify and configure any STEP Web UI

In addition to granting access to the STEP Workbench, 'View context' also grants the ability to access the Web UI.

Ability to disable auto-initiation when importing data

Ability to start workflows via the Object context menu and via bulk update. It does not have any impact on auto-initiation. The action can be applied to a setup group and will then only take effect for workflows in that setup group.

Ability to create, delete, cut, copy, duplicate, export, and edit workflows. The action can be applied to a setup group and will then only take effect for workflows in that setup group.

Users must also have the 'View setup group' privilege in order to view and maintain workflows

Edit, create, and delete workflow profiles. The action can be applied to a setup group and will then only take effect for workflow profiles in that setup group.

Users must have 'View STEP Workflow Profile' in order to access workflow profiles.

Ability to remove objects from workflows via the Object context menu or the workflow context menu. The action can be applied to a setup group and will then only take effect for workflows in that setup group.

• View other users' tasks
• Complete / submit tasks not assigned to the current user
• Reassign tasks
• Edit task deadlines

The action can be applied to a setup group and will then only take effect for workflows in that setup group.

View workflow profiles. If a user does not have this action, the STEP Workflow navigator tab sub tab 'Profile' will not be displayed. The action can be applied to a setup group and will then only take effect for workflow profiles in that setup group.

View and use workflows. The action can be applied to a setup group and will then only take effect for Workflows in that setup group.

It is required to also have the 'View setup group' privilege in order to view workflows.

Necessary for users to view workflow tasks

This action grants the privilege to view the 'Advanced' STEP Workflow navigator tab sub tab.

It is required to also have the 'View setup group' privilege in order to view workflows.

Allows users to view all assigned tasks in any and all groups in which they are a member.

This privilege differs from what is currently provided by the 'STEP Workflow Administrator' setup action in that the 'STEP Workflow Administrator' setup action allows users to view all tasks across all groups.

Create and delete workspaces