Access Control
Access Control is the capability to ensure that application data and functionality are only accessible to authorized users.
In InnowayIT Application Access Control is implemented through User, User Profile and Role objects.
User is a person who has a login to the system
User Profile is a collection of pages with read-only, read-write or administrative access rights for each page. It defines which pages a user may access.
Role defines the function assumed by the user in the organization. Roles form a hierarchy. Users role defines what data a user will see in a page.
Application has both profile and role based access. Examples:
A user profile has access to Application page with read only access
In the homepage a user may see the list of data for which his/her role is data steward
In the homepage a user may see a list of initiative assigned to him/her directly as user
An application role connects a user with a stakeholder. App Role-Stakeholder relationship defines the role for a business stakeholder. A stakeholder may also be an App User. In this case the App Role of the stakeholder is assigned to an App User.
Stakeholder --> App Role <-- App User
Only Stakeholder
Define App Role (VP Business) and Stakeholder (Jane) and link them together
Only App User
Define App User and App Role and link them together
Both Stakeholder and App User
Define App Role, Stakeholder and App User and link then through App Role
Manage User
Login with Administrative privilege
Navigate to Administration > Users
Create or Edit users.
Save
Manage User Profile
Login with Administrative privilege
Navigate to Administration > User Profile
Create or Edit users.
Save
Manage User Role
Login with Administrative privilege
Navigate to Administration > User Role
Create or Edit user roles.
Save
Last updated