User Permissions and Roles Management
2 min
this system allows for detailed management of user permissions, enabling or restricting access to various features and actions within a workspace environment user permissions are determined by their assigned user type, which comes with a predefined set of roles users with certain privileges can modify these permissions for themselves or others, ensuring a flexible and secure workflow users are categorized into different groups or "user types," each with a specific set of default permissions when a userβs type is changed, all their permissions are reset to the defaults for that user type user types overview owner permissions admin role on master workspace, workspace, and all design & process entities co owner permissions write role on master workspace admin role on workspace and all design & process entities admin permissions admin role on workspace and all design & process entities member permissions read role on workspace write role on all design & process entities basic permissions read role on workspace no permissions on design & process entities note owners and co owners can set the default user type for new users in sub workspaces each user type is associated with roles that define their permissions for different entities within the system these roles can be modified to grant or revoke specific actions role permissions overview admin permissions create, read, update, delete write permissions create, read, update update permissions read, update read permissions read only none permissions no access minimum authored permissions users cannot have lower permissions on their authored content (content they created) than their assigned role for instance, if a user has a "write" role, they must also have "write" permissions on content they authored each entity within the system has predefined roles that dictate what actions can be performed by users the roles for entities are consistent across the system to maintain uniform behavior entity role overview master workspace roles write, admin permissions manage workspaces, set default user types, manage subscriptions workspace roles read, write, admin permissions view dashboard, manage users, update roles design & process entities roles none, read, update, write, admin permissions view, edit, add, or delete entities other entities (e g , data models, credentials, api keys, etc ) roles none, read, update, write, admin permissions similar structure as above, tailored to the specific entity note users cannot assign roles higher than their own role on the same entity users with the necessary rights can manage permissions for other users this includes assigning user types, modifying roles, and setting default permissions for new users in sub workspaces key points updating user type when a userβs type is updated, their permissions revert to the defaults for that type default roles owners and co owners can specify default roles for new users in sub workspaces role management admins can update user roles but cannot assign roles higher than their own in future updates, custom user types with granular roles per entity will be introduced, allowing for even more tailored permission management custom user type features custom roles owners/co owners can create and assign custom roles granular permissions more specific permissions can be defined for custom roles
