Nexeed

Ticket Management
    • Introduction
    • API documentation
Ticket Management
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Reporting Management
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator
Nexeed Learning Portal
  • Ticket Management
  • Facility-Related Access Control
✎

Facility-Related Access Control

The integration of an access control list (ACL) enables roles and authorizations to be created manually in the Multitenant Access Control module and assigned to users or user groups for access control on tickets. By default, resources are automatically registered for the Area and Production line facility levels.

The access authorizations are not inherited from the area to the line. Stations, on the other hand, inherit from the line.

Example

tm_resource_acl_default

Six resources are registered in the Multitenant Access Control module:

  • Tickets for area Fe2.1 (since devices can be assigned to an area)

  • Tickets for line Fe2.1 (including sub-facilities)

  • Tickets for line Fe2.2. (including sub-facilities)

  • Tickets for area Fe2.2 (since devices can be assigned to an area)

  • Tickets for line Fe2.3 (including sub-facilities)

  • Tickets for line Fe2.4 (including sub-facilities)

The other facilities (station Fe2.1, station Fe2.2, station Fe2.3, station Fe2.4) are not registered as a resource.

Resources for Facilities

If a facility (area or production line) is added, automatic resources are registered for the access rights in the Ticket Management for the facility.

The access in Ticket Management is determined by the hierarchy of the facility and the user’s resolving group or escalation group.

For each area and production line, the following resources are registered:

  • Own Ticket

    • Tickets that are assigned to the user.

    • Tickets that are not assigned, but the user belongs to the resolving group.

    • Tickets that are assigned to an escalation group to which the user belongs.

  • Other Ticket

    • Tickets that are assigned to another user.

    • Tickets that are not assigned and the user does not belong to the resolving group.

    • Tickets that are assigned to an escalation group to which the user does not belong.

Example

Facility level Name — Example Authorizations

Area, e.g. area A

Area A — Own ticket
Area A — Other ticket

Read
Add
Edit

Production line, e.g. line 1

Line 1 — Own ticket
Line 1 — Other ticket

Read
Add
Edit

Create role for facility

Organization roles are roles added by a user.

Create access role for facilities.

Prerequisites

  • Admin role

  • Module role Ticket Management Admin

Procedure

  1. Add facility (area or production line) ( Add Equipment ) e.g. Area A

    Resources for controlling access to facility tickets are created automatically: Resources for Facilities

  2. Create organizational role ( Adding a Role ). Recommended syntax, e.g. User Area A Admin

    • Assign module role Ticket Management Admin

    • Assign authorizations (create, read, change), e.g. Area A — Own ticket, Area A — Other ticket.

  3. Assign the organizational role User area A admin to a user ( Assigning a User to a Role ).

The organizational role has been assigned to a user.

Example of user roles for facilities

The example is intended to show how ACL-based authorization can be implemented in Ticket management. The organizational roles shown must be created manually: Create role for facility.

User area A

  • Module role Ticket Management User : read

  • Authorizations: Area A — Own ticket : Create, read, modify

  • Rights of User area A :

    • Sees the Ticket management menu in the portal

    • Sees tickets from devices connected to area A or its subordinate facilities

    • Can read and change their own tickets in progress

    • Can read and change open tickets (not assigned) belonging to their own resolving group (including subgroups)

    • Can read and modify tickets belonging to their own escalation group

    • Can create tickets for devices connected to area A or its subordinate facilities

User area A admin

  • Module role Ticket Management User : read

  • Authorizations: Area A — Own ticket: Create, read, modify

  • Authorizations: Area A — Other ticket : Create, read, modify

  • Rights of User area A admin :

    • Sees the Ticket management menu in the portal

    • Sees tickets from devices connected to area A or its subordinate facilities

    • Can read and modify open and in-progress tickets

    • Can create tickets for devices connected to area A or its subordinate facilities

User area A expert

  • Module role Ticket Management User : read

  • Authorizations: Area A — Own ticket : Create, read, modify

  • Authorizations: Area A — Other ticket : Create, read

  • Rights of User area A expert :

    • Sees the Ticket management menu in the portal

    • Sees tickets from devices connected to area A or its subordinate facilities

    • Can only modify open tickets (not assigned) that belong to their own resolving group

    • Can only modify their own tickets in progress

    • Can only modify tickets that belong to their own escalation group

    • Can create tickets for devices connected to area A or its subordinate facilities

User area A–C admin

  • Module role Ticket Management User : read

  • Authorizations: Area A — Own ticket : Create, read, modify

  • Authorizations: Area A — Other ticket : Create, read, modify

  • Authorizations: Area B — Own ticket : Create, read, modify

  • Authorizations: Area B — Other ticket : Create, read, modify

  • Authorizations: Area C — Own ticket : Create, read, modify

  • Authorizations: Area C — Other ticket : Create, read, modify

  • Rights of User area A–C admin :

    • Sees the Ticket management menu in the portal

    • Sees all tickets of devices connected to areas A–C or their subordinate facilities

    • Can read and edit all open and in-progress tickets connected to areas A–C or their subordinate facilities

    • Can add tickets for devices connected to areas A–C or their subordinate facilities

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses