Last modified on 11 January 2017, at 12:19

User Rights

Revision as of 12:19, 11 January 2017 by MHM (Talk | contribs)

For security and administration purpose, UBIK® allows configuring different access rights for users on the server. The client allows/disallows certain actions based on these configurations.

Scopes

Scopes affect how different rights can be assigned. The following scopes are supported.

  • Per User: For the same content, different users might be assigned with different rights.
  • Per Object: User rights can be assigned to single object instances.
  • Per Property: User rights can be assigned to single property values of every object instance.

Definitions

An read-only object
Properties of an read-only object

The following user rights are defined in UBIK®.

  • Read & Write: Users can do anything to the content (only from a user right perspective, however, it is still subject to other rules such as the editability of properties).
  • Read-Only: Users can only view the content. Modifications such as editing, deleting and creating children are not allowed.
  • No Right: This is only implicit on the client in the sense that content defined as such will not even be delivered from the server to the client.


All these user rights applied on the content usually do not extend by relations. For example, a read-only object does not prevent its children from being modified unless the children carry the read-only right themselves.

IC Attention.pngOne exception to this is the MRO task owner object. If a task owner is configured as read-only, all its MRO related children will be read-only as well.