none
How to add Projects to a Category dynamically? RRS feed

  • Question

  • Hi All,

    I'm looking for different ways to add Projects to a Category based on certain criteria. I'm aware of the dynamic options like 'User is the project owner', 'User is a team member of a project' etc. but this is not exactly what I want. Let me explain with an example.

    Let's just say that I want to add all the Projects that belong to certain department. What are the different ways to achieve this?    

    Thanks in Advance,
    Ritesh Gade


    Ritesh Gade

    Monday, September 16, 2013 12:42 PM

Answers

  • Hi Ritesh --

    Thank you for the information... very helpful.

    Based on what you are stating, you should be able to accomplish this with built-in security groups, security categories, and Resource Breakdown Structure (RBS) functionality... with no custom development required.

    If you have not done so already, I suggest that you begin by configuring the RBS lookup table to represent your organizational structure:

    • Corporate
    •     Unit 1
    •         Sub Unit 1a
    •         Sub Unit 1b
    •     Unit 2
    •         Sub Unit 2a
    •         Sub Unit 2b

    Be sure to use titles or positions -- not people's names -- in the RBS lookup table.

    The next step is to identify the roles that people play in Project Server, such as...

    • Executives
    • Project Managers
    • Resource Managers
    • Team Members
    • etc.

    ...then create a security group in Project Server for each of the roles identified. When creating the security group, review the list of global permissions and ENABLE any features that you want to grant to that group. DO NOT DENY the permissions / features that the group does not need, as this will likely cause you grief later. DO NOT select any security categories yet, and DO NOT enable any category permissions yet. Go straight to the global permissions, select features for the group, save, and proceed to the next group.

    I then recommend that you create a separate security category to correspond with each of the groups that you created; each category represents a collection of project and resource data that each group needs to access. For example...

    • For the 'Executives' group, create or configure a 'My Organization' (or similar) category to represent the projects and resources that they need to access... typically all of the projects and all of the resources in the system. If you need to restrict their visibility to only the projects or resources in the organizational branches below them, then select the options to base the visibility on the RBS.
    • For the 'Project Managers' group, create or configure a 'My Projects' (or similar) category to represent the projects and resources that they need to access.... typically the projects that they own and the resources in their branch of the org structure (according to the RBS)... unless they should have access to the entire resource pool.
    • For the 'Resource Managers' group, create or configure a 'My Resources' (or similar) category to represent the projects and resources that they need to access... typically the resources that report to them (according to the RBS) and the projects to which their resources are assigned.
    • For the 'Team Members' group, create or configure a 'My Work' (or similar) category to represent the projects and resources that they need to access... typically the projects to which they are assigned, and their own resource information.

    For any security group / category combination, if you need to restrict their access to projects that are managed by people in organizational branches below them, set the 'The Project Owner is a descendant of the User via RBS' option in the appropriate category.

    For any security group / category combination, if you need to restrict their access to resources that are in organizational branches below them, set the 'They are descendants of the User via RBS' option in the appropriate category.

    One could write an entire book describing how to use the Project Server security model, but hopefully this helps point you in the right direction. If you need more specific help, please contact me.

    Good luck!

    -- tz


    Tony Zink | Vice President, EPMA | http://www.epmainc.com | Blog: http://www.epmablog.com | Training: http://www.epmainstitute.com

    • Marked as answer by Ritesh Gade Friday, September 20, 2013 10:40 AM
    Thursday, September 19, 2013 6:23 PM

All replies

  • Hi Ritesh --

    This functionality can be accomplished through a custom-developed server side event handler; when a new project is created, it is automatically associated with a security category based on the project department value.

    Please contact me directly if you need help developing this.

    Good luck!

    -- tz


    Tony Zink | Vice President, EPMA | http://www.epmainc.com | Blog: http://www.epmablog.com | Training: http://www.epmainstitute.com

    Monday, September 16, 2013 1:35 PM
  • In your example, presumably you only want people within that department to see the project?  This can be accomplished using the standard categories and RBS setup.


    HTH, Ben [MVP]

    Monday, September 16, 2013 2:03 PM
    Moderator
  • I agree with Ben, see if using the RBS works for you before going down the custom code route.

    Paul


    Paul Mather | Twitter | http://pwmather.wordpress.com | CPS

    Monday, September 16, 2013 2:12 PM
    Moderator
  • Hi All,

    Thanks a lot for quick response.

    @Tony: That definitely helps. I will try this option if the Standard Categories and RBS setup will not suffice the requirement.

    @Ben: Yes, something similar to that. I shall look into this setup first.

    @Paul: Sure, custom code shall be the last option.

    Regards,
    Ritesh


    Ritesh Gade

    Tuesday, September 17, 2013 5:47 AM
  • Hi Ritesh --

    When you use the term "departments", are you (a) referring to this term generically as business units within your organization, or are you (b) referring specifically to the 'Departments' feature that is built into Project Server? I took your question quite literally and assumed (b), but please verify.

    When you state that you want to add all of the projects in a specific department to a category, what exactly are you trying to accomplish?

    I want to ensure that we correctly understand your problem... despite language barriers and possibly incorrect usage of Project Server terminology. The Project Server security model is one of the most misunderstood areas of the solution, so the more descriptive you can be, the better.

    Good luck!

    -- tz


    Tony Zink | Vice President, EPMA | http://www.epmainc.com | Blog: http://www.epmablog.com | Training: http://www.epmainstitute.com

    Wednesday, September 18, 2013 12:10 AM
  • Hi Tony,

    First of All, Thanks a lot for your time.

    Actually, I'm new to Project Server so I meant (a). Sorry for the terminology. Let me try to explain the requirement and the problem clearly.

    Let's just assume that an Organisation Structure is as follows

    The Security Model required is:

    1. Resources at ORG level can view(have permissions on) ALL Projects.
    2. Resources at UNIT1 level can view(have permissions on) on Projects that belong to UNIT1 only (Projects that belong to UNIT2 should not be visible to Resources/User's of UNIT1) 
    3. Resources at SUB UNIT1 level can view(have permissions on) on Projects that belong to SUB UNIT1 only (Projects that belong to SUB UNIT2 should not be visible to Resources/User's of SUB UNIT1)
    4. The same logic with every unit. Also, If a project is from SUB UNIT1 it means that it is a 'descendant' of UNIT1. Hence, UNIT1 Resources can view/edit the Projects that belong SUB UNIT1. 

    The categories would be helpful here but selection of Projects based on 'Departments' is not available (we changed the 'Department' lookup to have the req. Org Structure and came to know that the same lookup is associated to RBS too). Hope ' Manage Categories' is the right area to look into , please let me know if there is any other feature available to achieve this security model.

    Thanks & Regards,
    Ritesh Gade


    Ritesh Gade

    Thursday, September 19, 2013 8:08 AM
  • Hi Ritesh --

    Thank you for the information... very helpful.

    Based on what you are stating, you should be able to accomplish this with built-in security groups, security categories, and Resource Breakdown Structure (RBS) functionality... with no custom development required.

    If you have not done so already, I suggest that you begin by configuring the RBS lookup table to represent your organizational structure:

    • Corporate
    •     Unit 1
    •         Sub Unit 1a
    •         Sub Unit 1b
    •     Unit 2
    •         Sub Unit 2a
    •         Sub Unit 2b

    Be sure to use titles or positions -- not people's names -- in the RBS lookup table.

    The next step is to identify the roles that people play in Project Server, such as...

    • Executives
    • Project Managers
    • Resource Managers
    • Team Members
    • etc.

    ...then create a security group in Project Server for each of the roles identified. When creating the security group, review the list of global permissions and ENABLE any features that you want to grant to that group. DO NOT DENY the permissions / features that the group does not need, as this will likely cause you grief later. DO NOT select any security categories yet, and DO NOT enable any category permissions yet. Go straight to the global permissions, select features for the group, save, and proceed to the next group.

    I then recommend that you create a separate security category to correspond with each of the groups that you created; each category represents a collection of project and resource data that each group needs to access. For example...

    • For the 'Executives' group, create or configure a 'My Organization' (or similar) category to represent the projects and resources that they need to access... typically all of the projects and all of the resources in the system. If you need to restrict their visibility to only the projects or resources in the organizational branches below them, then select the options to base the visibility on the RBS.
    • For the 'Project Managers' group, create or configure a 'My Projects' (or similar) category to represent the projects and resources that they need to access.... typically the projects that they own and the resources in their branch of the org structure (according to the RBS)... unless they should have access to the entire resource pool.
    • For the 'Resource Managers' group, create or configure a 'My Resources' (or similar) category to represent the projects and resources that they need to access... typically the resources that report to them (according to the RBS) and the projects to which their resources are assigned.
    • For the 'Team Members' group, create or configure a 'My Work' (or similar) category to represent the projects and resources that they need to access... typically the projects to which they are assigned, and their own resource information.

    For any security group / category combination, if you need to restrict their access to projects that are managed by people in organizational branches below them, set the 'The Project Owner is a descendant of the User via RBS' option in the appropriate category.

    For any security group / category combination, if you need to restrict their access to resources that are in organizational branches below them, set the 'They are descendants of the User via RBS' option in the appropriate category.

    One could write an entire book describing how to use the Project Server security model, but hopefully this helps point you in the right direction. If you need more specific help, please contact me.

    Good luck!

    -- tz


    Tony Zink | Vice President, EPMA | http://www.epmainc.com | Blog: http://www.epmablog.com | Training: http://www.epmainstitute.com

    • Marked as answer by Ritesh Gade Friday, September 20, 2013 10:40 AM
    Thursday, September 19, 2013 6:23 PM
  • Hi Tony,

    Thank you very much, I really appreciate your willingness to help!

    Yes, this explains the security model clearly and that really helps.

    The scope of the answer is wider than the question in this case. Infact, the need to add projects based on departments might not be necessary at all.

    It would be great if you can let me know any limitations/ failure scenarios based on your experience, that helps a lot.

    Thanks & Regards,
    Ritesh Gade


    Ritesh Gade


    • Edited by Ritesh Gade Friday, September 20, 2013 10:39 AM
    Friday, September 20, 2013 10:36 AM