framework user rights

The basic right management tool is user rights organized by modules and allocated through system groups. The page contains an overview of the rights that define the system module frm.

• frmEverybody
• frmPowerUser
• frmFulltext
• frmDeveloper
• frmAdmin
• frmObject:print
• frmObject:export
• frmSettingsVisitor

No module right creates permissions to access user data.

frmEverybody

A fundamental right for every user. Without this right, it is impossible to view almost anything. In fact, the right confirms the duly logged user.

frmPowerUser

Right for executive users. Functionalities are tied to this right and should only be available to more experienced users. For example, it authorizes you to perform bulk data editing.

By default, functions that allow both bulk changes and changes that exceed the boundaries of the set processes - e.g. to stop processing the request, even if the process should properly run through the approval to reject.

The right should be given to workers who are well aware of the consequences of the actions they carry out. However, it is a right that helps to easily take into account changes that have occurred even if they did not fall within normal processes, typically:

• Management's decision to act contrary to normal procedures
• Customer's decision to change its earlier decision

frmFulltext

The right to use full-text searches throughout the system. The holder of this right has the option to run full-text searches of all data in the system as well as all stored files.

The right gives them great possibilities to search the system for information. While the search still controls the access rights to individual records, so that the user cannot access records that he would otherwise not have access to, it is still an option to search large amounts of data in a targeted way. Therefore, the right should only be given to users who need it to work.

The right does not restrict full-text searches within the normal work - e.g. full-text searches in the directory by name, surname, phone and email and other data are not restricted in any way.

frmDeveloper

The right for developers provides the right to monitor logs and the progress of processing operations in the system. The right does not allow to view user data

Within the application, the developer has the possibility to see internal IDs of displayed objects and detailed debugging messages.

frmAdmin

The right to set system permissions and assign system rights to groups

frmObject:print

The holder of this right has the global permission to print. Users who do not have this right are not restricted in any way in their work, but the system does not allow them to print from the application or generate PDF reports that are not directly linked to the progress of any process.

To illustrate: When the user does not have this right, he can generate minutes from the meeting, but he cannot print contacts to all clients from the directory.

Warning: The restriction with this right does not prevent them from copying specific data (ctrl-c) or performing screenshots (applications cannot prevent this). However, the data is displayed in such a way that it will be very laborious to obtain comprehensive data lists in this way.

frmObject:export

The right to export data in data format provides stronger possibilities to retrieve the data from the system. It limits the functions that allow complete exports (e.g. export of the whole methodology - set of objects). By default, only experienced workers involved in the development of the system in the company have the right, because it is not useful for normal work.

frmSettingsVisitor

The "auditing" right gives the possibility to revise the system settings without the right to interfere with it. The right allows the employees in charge of security to audit the system settings, in particular access rights and user permissions.