This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
userzone:userdoc:access:rights [2014/09/22 13:46] Roel [General setup] |
userzone:userdoc:access:rights [2021/09/23 17:14] (current) roel typos corrected |
||
---|---|---|---|
Line 1: | Line 1: | ||
======Changing access rights ====== | ======Changing access rights ====== | ||
====General setup==== | ====General setup==== | ||
- | In Gemstracker, every user is assigned to one group. | + | In GemsTracker, every user is assigned to one group. |
One group is assigned one role. | One group is assigned one role. | ||
- | One role has a set of privileges.\\ | + | One role has a set of privileges. |
- | + | A role can inherit privileges from another role.\\ | |
- | There are a few predefined roles: Super, admin, staff, researcher, guest, nologin, physisian, respondent, security.\\ | + | Additionally, a user is assigned to an organization (see adding users), and the user will only be able to access respondents of this organization, unless specific privileges have been granted. There are two ways in which a user can have access to respondents of other organizations: |
- | Also a set of predefined groups is predefined: Super administrators, local admins, staff and respondents.\\ | + | - By granting an organization the right to access one or more other organizations (an organization level privilege) |
+ | - By granting the cross-organization privilege in a role, this will grant access to all organizations (a user-group privilege). | ||
+ | There are a few predefined roles: Super¹, admin¹, staff, researcher¹, guest, nologin, physisian, respondent, monitor, security¹.\\ | ||
+ | Also a set of predefined groups is predefined: Super administrators¹, Local admins¹, Staff, Monitors and Respondents.\\ | ||
+ | ¹//These have cross-organization privileges// | ||
The basic level to change rights is add a new group with one of the predefined roles.\\ | The basic level to change rights is add a new group with one of the predefined roles.\\ | ||
Line 14: | Line 18: | ||
- create a new role | - create a new role | ||
- create a group with this role | - create a group with this role | ||
- | - make sure the group that can create accounts has access to this new role (needs to inherit from the new role you created) | + | - make sure the group that can create accounts has access to this new role (needs to inherit from the new role you created and needs to be set at group level) |
====Adding roles==== | ====Adding roles==== | ||
- | * Go to Roles under Setup - Access* | + | * Go to Roles under Setup - Access¹ |
* Go to new | * Go to new | ||
* Enter role name, description and select parent roles from which this role will inherit rights | * Enter role name, description and select parent roles from which this role will inherit rights | ||
Line 24: | Line 28: | ||
* Press '**__Save__**' | * Press '**__Save__**' | ||
- | * You can only see this tab if you have the right to access it | + | ¹ //You can only see this tab if you have the right to access it// |
====Adding groups==== | ====Adding groups==== | ||
- | * Go to Groups under Setup - Access* | + | * Go to Groups under Setup - Access¹ |
* Go to new | * Go to new | ||
* Enter groupname | * Enter groupname | ||
Line 32: | Line 36: | ||
* Press '**__Save__**' | * Press '**__Save__**' | ||
- | * You can only see this tab if you have the right to access it | + | ¹ //You can only see this tab if you have the right to access it// |