Setting permissions for a role

To configure permissions for the current role, do the following (see Users, roles, groups – roles):

• Expand the appropriate group of permissions. See the following chapters for descriptions of permission groups:

  • General administration permissions

  • Web service access permissions

  • Document type administration permissions

  • File access

  • Recycle bin access

• To specify permissions for an entry in the first column, do the following:

  • Select the check box Enabled / Disabled / Undefined for the desired operation.

  • Alternatively, click Change Permissions at the bottom of the expandable panel to set all permissions of the selected row to a single value.

    

• Change the value as desired and click Ok.

• Click Save.

Each right may have the following values:

• Enabled: The right is permitted.

• Undefined: This is the initial default setting which prohibits the right. Normally, when setting up a new environment, you only have to enable the required functionalities for a role.

• Disabled: The value means that the right is explicitly prohibited.

  NOTE:
  It is not recommended disabling any permissions unless this is explicitly required by your permission model! Often a “disabled” permission is too restrictive when you combine roles, and “undefined” is enough to deny the permission. Also see Role usage (combining roles).
  

  In your permissions model, only enable what is necessary, but do not take the approach of first enabling everything and then disabling specific permissions.