• Documentation
• Model Management Permission Allocation

Model Management Permission Allocation

In EnOS model management, when creating models, model packages, or model elements (collectively referred to as “data”), they are assigned to a group (../overview/key_concepts.html#group). A group serves as the permission management unit in model management. Users must have group permissions to create and manage resources within the group.

Without specific permissions assigned, users have the following default permissions:

• View data created in the current OU.

• View all shared data that has been shared with the current OU.

This file explains how users can acquire additional permissions for model management.

Prerequisites

The current account must have the Device Integration and Management Personnel role (ID: DCMadmin) or another role with access to the Developer Console > Model Management menu. If needed, contact your OU administrator.

Create Groups and Share Group Data

Taking a model as an example, the permission allocation process for creating groups and sharing group data is as follows:

1. Trigger the Process: The model management team contacts the system administrator to request the creation of a group. Provide the Name, ID, and Developer OU of the group during the request. The name must support internationalization and can be up to 40 characters. The ID must be unique within the environment.

2. Create the Group: Once approved, the system administrator creates the group in the backend and assigns it to the developer OU.

3. Assign Permissions: The OU administrator for the developer OU assigns the necessary resources and operational permissions within the group to the model management team. Refer to Add and Manage Data Within a Group.

4. Create and Share Models: The model management team creates models in the developer OU within the group and shares them with customer OUs. Refer to Configure Sharing Policy.

5. Add Custom Configurations to Shared Models (Optional): If required, contact the OU administrator of the customer OU to assign the account the necessary resources and operational permissions within the group. Refer to Add and Manage Data Within a Group. Then add custom configurations to shared models, refer to Customize Shared Models.

Note

Custom groups (custom) data cannot be shared.

Add and Manage Data Within a Group

If the current account needs to create, edit, delete, export, or import data within a group, contact the OU administrator to follow these steps:

1. Assigns the account resource permissions for the group in the Application Portal Administrator Console.

2. Assigns corresponding operational permissions to the account’s role in the Application Portal Administrator Console. The following are operational permissions for model management:

Operational Permission Point Name	Operational Permission Identifier	Permission Description	Recommended Scenarios
Model Edit	model_edit	Allows users to create (including clone and inherit), edit, delete, export, import models within the scope of their operational permissions. Users can also add tags, open models as components, and add custom configurations to shared models. Does not include model sharing permissions	Model Management Personnel can independently develop models. Model users can add custom configurations to shared models
Model Export	model_export	Users with this operational permission can export all visible models in the current OU.	Restrict model export permissions to protect OU data security.
Model Sharing	model_share	Users with this operational permission can share models with other OUs and approve model sharing requests for the current OU.	Model Management Personnel can share models from the developer OU to other OUs. Model Management Personnel can approve model sharing requests from other OUs.
Model Package Edit	package_edit	Users with this operational permission can create (including clone), edit, delete, export, and import model packages within their permissions and add tags to model packages. Does not include model package sharing permissions
Model Package Export	package_export	Users with this operational permission can export all visible model packages in the current OU.	Restrict model package export permissions to protect OU data security.
Model Package Sharing	package_share	Users with this operational permission can share model packages with other OUs and approve model package sharing requests for the current OU.	Model Management Personnel can share model packages from the developer OU to other OUs. Model Management Personnel can approve model package sharing requests from other OUs.
Element Library Edit	element_library_edit	Users with this operational permission can create and manage custom elements in the model element library.	Model Management Personnel can predefine model elements for reuse.