Checking Access Based on TNR (Business Object Type, Name, Revision)

The Check Access tab makes it possible to determine whether a V6 user, identified by its identifier and a security context, has access to a particular V6 object, and if so, what type of access.

The object is referred to using its ENOVIA Live Collaboration server implementation identifiers, that is, a type name, object name and object revision (this triplet being also known as the object TNR).

The access to be checked is chosen among the existing security accesses (e.g. read, modify, delete, etc.). The administrator provides the:


  • user name
  • security context
  • object type, name and revision.

Based on this input, the administrator can determine whether the specified user, when connected to V6 using the selected security context, is granted the selected access(es) on the V6 object.

The Check Access tab eases the task of the P&O and Security administrator by determining if the P&O and security data of the company is correctly designed and/or implemented, and detecting potential security holes or issues.

All inputs are mandatory and must be provided by the administrator. Wild carding is not supported, so each value must be specified explicitly.

  1. Click the Check Access tab.

    The following tab is displayed:



  2. Specify the User Id of the user whose accesses you want to check, then click the Check command.

    The Security context pull-down list is displayed listing the security contexts currently assigned to that user.

  3. Select the appropriate security context from the list.

  4. Enter the Type, Name and Revision of the business object.

    For example, purely for the purposes of illustration:


    • type: Person
    • Name: DemoCreator
    • Revision: -

  5. Check the button for the Access(es) you want to check, or check the Select All button to select all accesses:



    Several accesses may be selected at a time, in order to perform several checks at a time.

  6. Click the Check button.

    The output of the command is, for each selected access, a color-coded status indicating whether the specified user, when connected to V6 using the selected security context, is granted the specified access(es) on the V6 object or is denied access: red for denied, green for granted:



    An error is displayed in case one of the input is invalid (e.g. the user or object doesn't exist).