Permissions sets

This page explains which user permissions to enable for each menu entry of the Portal.

The permissions are cumulative. For example, if a user wants to edit an item:

  • he needs to have access to the service,
  • he needs to be able to read the data,
  • he needs to have the permission to edit the items.

Except if he has an administrator permission.

Super user

A super user is a user who can access any menu entry of his instance and who can perform any action. He does’nt need any of the permissions below. He just needs to have the permission *=*.

Administration

Feature Permission
Access to the service configuration admin=view
Read the users users=read(‘./*’)
Edit the users (cannot delete users) users=edit
Do everything on the users users=*
Read the permission sets permsets=read(‘*’)
Edit the permission sets permsets=edit
Do everything on the permission sets permsets=*

Permission sets:

  • read only the users: admin=view & users=read('./*')
  • edit the users: admin=view & users=read('./*') & users=edit
  • administrate the users: admin=view & users=read('./*') & users=*
  • read only the permissions: admin=view & permsets=read('*')
  • edit the permissions: admin=view & permsets=read('*') & permsets=edit
  • administrate the permissions: admin=view & permsets=*

Data models

Note

The action edit includes: create, update, rename, duplicate, delete, export and import.

Feature Permission
Access to the service configuration datamodels=view
Read the data models datamodels=read
Edit the data models datamodels=edit
Do everything on the service datamodels=*

Permission sets:

  • read only: datamodels=view & datamodels=read
  • edit: datamodels=view & datamodels=read & datamodels=edit
  • administrate: datamodels=*

Reports

Note

The action edit includes: create, update, rename, duplicate, delete, export and import.

Feature Permission
Access to the service configuration reports=view
Read the reports reports=read
Edit the reports reports=edit
Do everything on the service reports=*

Permission sets:

  • read only: reports=view & reports=read
  • edit: reports=view & reports=read & reports=edit
  • administrate: reports=*

Routes

Note

The action edit includes: create, update, rename, duplicate, delete, export and import.

Feature Permission
Access to the service configuration routes=view
Read the routes routes=read
Edit and execute the routes routes=edit
Do everything on the service routes=*

Permission sets:

  • read only: routes=view & routes=read
  • edit and execute: routes=view & routes=read & routes=edit
  • administrate: routes=*

Routing orders

Note

The action edit includes: update, delete and export.

Feature Permission
Access to the service configuration routingorders=view
Read the routing orders routingorders=read
Edit and reprocess the routing orders routingorders=edit
Do everything on the service routingorders=*

Permission sets:

  • read only: routingorders=view & routingorders=read
  • edit and reprocess: routingorders=view & routingorders=read & routingorders=edit
  • administrate: routingorders=*

Scripts

Note

The action edit includes: create, update, rename, duplicate, delete, export and import.

Feature Permission
Access to the service configuration scripts=view
Read the scripts scripts=read
Execute the scripts scripts=run
Edit the scripts scripts=edit
Do everything on the service scripts=*

Permission sets:

  • read only: scripts=view & scripts=read
  • execute: scripts=view & scripts=run
  • edit: scripts=view & scripts=read & scripts=edit
  • administrate: scripts=*

Stripe Payment

Feature Permission
Access to the service configuration stripe=view
Read the data stripe=read
Be assigned to a payment task workflow=role(‘Invoice Payers’)
Pay an invoice stripe=pay
Do everything on the service stripe=*

Permission sets:

  • read only: stripe=view & stripe=read
  • edit: scripts=*
  • pay: workflow=role('Invoice Payers') & stripe=pay

Tables

Note

The action edit includes: create, update, rename, duplicate, export and import.

Feature Permission
Access to the service configuration tables=view
Read all the tables and their records tables=allow(*)
Read only the records of Table1 and Table 2 tables=allow(‘Table1’( * ), ‘Table2’( * ))
Read the records in Table1 where column1 has the value1 tables=allow(‘Table1’(‘column1’=’value1’))
Edit a table’s structure tables=edit-table
Delete a table’s structure tables=delete-table
Edit a table’s records tables=edit-data
Delete a table’s records tables=delete-data
Edit and delete a table’structure and records tables=*

Permission sets:

  • read only: tables=view & tables=allow(*)
  • edit structure: tables=view & tables=allow(*) & tables=edit-table
  • edit structure and data: tables=view & tables=allow(*) & tables=edit-table &tables=edit-data
  • delete structure and records: tables=view & tables=allow(*) & tables=delete-table &tables=delete-data
  • administrate: tables=allow(*) & tables=*