This section explains the permission management and access control model for Products.

Whether a user can access a Product is determined by Product permissions and Product access control.

I. Managing Product Permissions

All permissions in Sanplex are maintained under Admin > Personnel Management > Permissions.

Product permissions can be configured through Permission Management and Scope Management.

1. Permission Management

Go to Admin > Personnel Management > Permissions. From the group list, click Permission Management on the right to open the permission configuration page.

图1

On the Product View permission page:

• Selecting a checkbox grants the permission.
• Clearing a checkbox revokes the permission.

图2

2. Scope Management

Scope Management complements Permission Management by quickly narrowing down the effective access scope.

In practice, Scope Management works like a switch:

• Enabled (selected): Users can access Products only if the related Product permissions are also granted in Permission Management.
• Disabled (cleared): Even if Product permissions are granted in Permission Management, users still cannot access Products.

Typical use cases for Scope Management:

• In a customized delivery project, the customer also needs access to Sanplex and must be able to view specific Programs, Products, and Projects.
• Customer users are placed into a dedicated permission group.
• The group is granted relevant permissions for Programs, Products, Projects, and Executions, but customers must not see other public Programs/Products/Projects in the system.
• You can explicitly list which Accessible Programs, Accessible Products, and Accessible Projects the customer group can access.
• As a result, members of the customer permission group can only view the listed Programs/Products/Projects.

From Admin > Personnel Management > Permissions, click Scope Management on the right side of the group list to open the Scope Management page.

图3

On the Scope Management page:

• Accessible Views: selecting Product means the group is allowed to access the Product view. Actual access still requires related Product permissions granted in Permission Management.
• Accessible Products: leaving it blank means there is no Product-level access restriction. If specific Products are listed, the group can access only those Products.
• Viewable Product Activity: Product activities appear in the activity stream only when this option is selected.

图4

II. Product Access Control

Products support the following access control modes: Private, Public, and Whitelist.

• Private: Accessible to the Product Owner, Product Test Owner, Product Release Owner, stakeholders of the Program the Product belongs to, and members/stakeholders of associated Projects.
• Public: Anyone with Product View permission can access.
• Whitelist: Whitelisted users can also access the Product.
• If Product A is Private and Project B is associated with Product A, then Project B’s team members and stakeholders can also access Product A.

When creating a Product, the default access control is Private, and you can configure a whitelist under private mode.

图5

The Product whitelist shows users added when access control is Private. You can also add or remove users directly in the Product whitelist.

图6