Roles and Permissions: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
QPR ProcessAnalyzer user roles have user | QPR ProcessAnalyzer uses role-based access control mechanism, so operation require permissions in order to be executable. '''Permissions''' are given to '''users''' and '''user groups''' by assigning users to '''roles''', where roles are a collection of permissions. Roles can be bound either to a '''project''' or be '''global''', which means that that role (and its permissions) is applicable for all the contents in the database. Users belonging to an user group have automatically all the roles assigned to that user group. | ||
== Global Roles == | == Global Roles == | ||
Revision as of 15:31, 7 February 2018
QPR ProcessAnalyzer uses role-based access control mechanism, so operation require permissions in order to be executable. Permissions are given to users and user groups by assigning users to roles, where roles are a collection of permissions. Roles can be bound either to a project or be global, which means that that role (and its permissions) is applicable for all the contents in the database. Users belonging to an user group have automatically all the roles assigned to that user group.
Global Roles
Global roles are roles are assigned when <All> is selected from the project list in the Manage Users dialog.
| (Global) Administrator | Model Creator | Evaluator | Run Script | |
|---|---|---|---|---|
| GenericRead |  |
|||
| GenericWrite | |
|||
| DeleteModel | |
|||
| CreateModel | |
|
|
|
| ResetDatabase | |
|||
| Filtering | |
|||
| ManageUsers | |
|||
| ManageOperations | |
|||
| ManageReports | |
|||
| ManageIdeas | |
|||
| ManageProject | |
|||
| ManageIntegrations | |
|||
| ManageScripts | |
| (Global) Administrator | Model Creator | Evaluator | Run Script | |
|---|---|---|---|---|
| Create Project | |
|
|
|
| View Project | |
|||
| Edit Project | |
|||
| Permanently Delete Project | |
|||
| Create Model | ||||
| View Model | |
|||
| Import Data into Model | 300 event attributes and case attributes each |
|||
| Create Filters / Analyze Model | |
|||
| Permanently Delete Model | |
|||
| Create Data Table | ||||
| View Data Table | |
|||
| Import Data into Data Table | max. 1000 rows and 300 columns each |
|||
| Delete Data Table | |
|||
| Access Operation Log | |
|||
| Run Scripts | |
Evaluator has the following additional restrictions:
- Maximum number of models: 10
- Maximum number of event in a model: 1000
- Maximum number of event attributes in a model: 1000
- Maximum number of case attributes in a model: 1000
- Maximum number of created integration tables: 10
- Maximun number of rows in created integration table: 1000
- Maximun number of columns in created integration table: 1000
- Evaluator and Model Creator get the Project administrator role for the projects that they create (see User Roles and Rights for Individual Projects below). They can delete models in the created projects only.
- Models created by an Evaluator inherit the restrictions the current user has. These restrictions are in effect for all the imports targeting that model, no matter who is doing the import.
- Users with Global Administrator or Model Creator role can always import new data into any model without restrictions. Note, however, that a user cannot import more data than what is allowed by the product's activation limits.
Project Roles
| (Project) Administrator | Analyzer | Designer | Viewer | |
|---|---|---|---|---|
| GenericRead | |
|
|
|
| GenericWrite | |
|
||
| DeleteModel | |
|||
| CreateModel | |
|
||
| ResetDatabase | |
|||
| Filtering | |
|
|
|
| ManageUsers | |
|||
| ManageOperations | |
|||
| ManageReports | |
|||
| ManageIdeas | |
|||
| ManageProject | |
|||
| ManageIntegrations | |
|||
| ManageScripts | |
| (Project) Administrator | Analyzer | Designer | Viewer | |
|---|---|---|---|---|
| View Project | |
|
|
|
| Edit Project | |
|
||
| Delete Project | |
|
||
| View Model | |
|
|
|
| Edit Model | |
|
||
| Create Filters / Analyze Model | |
|
|
|
| Import Data into Existing Model | |
|
||
| Delete Model | |
|
||
| View Data Table | |
|||
| Import Data into Existing Data Table | |
|||
| Delete Data Table | |
Group Roles
| Administrator (Group) | Member | Hidden Member | |
|---|---|---|---|
| Add/Remove Group Members | |
|
|
| Create Users to Group | |
||
| Add/Remove Project Access Rights of a User | |
|
|
| Open Model Accessible to Group Members | |
|
|
| See Unhidden Group Members | |
|
|
| See Hidden Group Members | |
- If a group member is a Project Administrator, he/she can add and remove project specific access rights for the group or for any individual member of the project.