<aside> 🌐
See subsites
Roles and permissions in DocuNote is a structured system that provides detailed control over users' access to the system. It is based on two main types of permissions: organizational permissions, which control access to specific departments and functions in the organization, and module permissions, which relate to general system functions.
The system synchronizes with Active Directory (AD) for user and group management, and permissions can be inherited from parent objects to ensure consistency. This makes it possible to assign specific roles and functions to users based on their position and responsibilities in the organization.
For example, a manager can receive special permissions to approve documents and control access in their department, while a regular user may have more limited permissions. This ensures both security and efficient administration of the system.
The picture below shows the area Roles and Permissions. In the navigation structure, you can see the groups that DocuNote synchronizes from the AD.
We know the concept of Roles from everyday life. At our workplace, in the family and several other of the contexts in which we belong, we each have some different roles or "hats" that are linked to specific situations and actions.
Let us build on the person "Peter Hansen". Peter is employed by the firm of Consulting Ltd as a marketing manager. He has a wife and a baby, Louise. Through his work and his status as a parent, Peter has multiple roles. Peter is a father, husband, employee, and boss. All these roles are linked to a range of functions, i.e. acts that Peter can, may or must perform. As an example, the role of parent leaves Peter with the following options: "Collect the child in the kindergarten," "Take the child to the doctor," "Transport the child to sports". These features are some that Peter has the permission to do, so long as he has custody of the child. If this is changed, Peter's role will change and thus also his function. The same applies to Peter's role as an employee. In its capacity of marketing director, it has several functions and duties together with the position. If Peter quits his job, he loses the right to perform these functions.
DocuNote's permission system is built so that a user or group is associated with a role that contains several functions that in the end is associated with an element or an area. It is in this way, that we create permission in the system. Peter must, therefore, be related to the role of "Parent", which in turn relates to the object Louise. Thereby Peter gets the permission "Parent" for Louise.
To create a link between groups in the AD and roles in DocuNote, it is required that you have already defined the roles to be involved and what are the functions in DocuNote that should be assigned to these roles.
To create roles, select "Roles" in the left column, which opens a new window. See the subsites of this page for more information about creating the different roles.
