You can control access to a file cabinet and documents with many different rights. The file cabinet rights are divided into four predefined permissions profiles:
Owners
Edit
Read
Delete
The profiles get the following individual rights:
Profile | Administrative permissions | General permissions | Field rights | Overlay permissions |
---|---|---|---|---|
Edit | --- |
|
|
|
Read | --- |
|
| --- |
Delete | --- |
| --- | --- |
Owners |
|
|
|
|
The four default profiles "Edit," "Read," "Delete," and "Owner" cannot be changed. However, you still have the option of creating new file cabinet profiles and assigning users.
Notes on administrative permissions
Which sections in the file cabinet settings are shown depends of the administrative permissions of the user.
Owners: All four sections are shown: General, Database Fields, Dialogs, Permissions
Operator, Manage Dialogs, Manage Permissions: All four sections are shown: General, Database Fields, Dialogs, Permissions
Operator, Manage Dialogs: General and Dialogs are shown
Operator, Manage Permissions: General, Database Fields, Permissions are shown
Manage Permissions: only the Permissions section is shown
Manage Dialogs: only the Dialogs section is shown
Instructions for allocating profiles:
To be able to edit documents, the user needs both the Edit and Read profiles.
To be able to print documents, you need the "Read" right, as the Export right is included in the Read profile.
If another user other than the creator of a file cabinet needs to edit the file cabinet, the file cabinet owner needs to assign them the Admin permission.
So that users are able to access the documents in the file cabinet, they must be assigned Dialogs as well as permissions.
More information about the rights system in DocuWare
Advanced
Profiles
Profiles enable you to assign sets of rights in "containers," instead of lots of individual rights. Specific rights can then be assigned to any number of users at the push of a button, without the rights structure needing to be modified by hand.
Here in DocuWare Configuration, you can create and edit profiles for file cabinet permissions. File cabinet permissions are rights which relate exclusively to a file cabinet, including storing and searching documents, changing index entries, or exporting documents or a file cabinet into the file directory.
File cabinet profiles and file cabinet permissions can also be created and edited in DocuWare Administration as before.
More about rights and profiles in DocuWare
Default Profiles
The file cabinet rights are divided into four predefined permission profiles: Owners, edit, read, and delete.
New profiles can be created under User-defined profiles.
User-Defined Profiles
In a user-defined profile the user themselves compiles file cabinet and index field permissions and assigns them to users and roles.
File cabinet
For some file cabinet permissions, index field permissions are also necessary. To enable the user, e.g. to perform the file cabinet permission "Store," they must be able to write in at least one index field so that the document can be indexed.
Index fields
All fields of the file cabinet are listed in the left-hand column of this dialog. Specify what users with this profile are allowed to do with the fields.
Please note that some activities require multiple permissions. For example, to be able to edit documents the user requires both modify and read permission since only then will the documents be displayed.
Field permissions also affect the visibility of the fields in the dialogs: without the field permission "Search" the users don't see the field in the search dialog, even if it is assigned to the search dialog at dialog level. The same applies to the permissions "Read" for the result list, "Write" for the storage dialog, and "Modify" for the index dialog.
More information about file cabinet profile permissions
Index Value Profiles
Whereas the standard and user-defined profiles relate to the entire file cabinet, with an index value profile you make only specific documents accessible for a profile.
Query definition
There are two options available for entering the search conditions:
Graphic editor: Entry of search criteria per index field.
SQL: Entry of an SQL statement
1. Graphical editor
In the graphical editor you can select the file cabinet fields and define the rules (conditions) which the documents must fulfill so that they are visible for users with this profile.
You can create as many rules as you like. You establish the logical relationship between the rules using the AND/OR operators.
In the following example, only the new incoming invoices from Peters Engineering would be visible:
Instead of a rule, you can also use groups of rules. The second example shows how such a group of rules can be used. Both the new and the rejected and approved invoices for Peters Engineering should be visible:
Note: The system functions User group and User role can be assigned to index fields of the keyword and text type. This checks whether the user belongs to a group or role entered in this index field. Only then can the user access the documents. Click here for an example of application.
Assignment is done using the following operators:
Keyword: Contains — at least one keyword matches one of the user roles/groups
Text field: Equals — text field corresponds to one of the user roles/groups
Is not equal — text field does not corresponds to any of the user roles/groups
2. SQL
SQL statements enable you to define more complex filters than is possible by assigning index criteria to each field. Simply type the statement into the text field. You do need to enter the SELECT statement. You define the filter using the WHERE clause. You can use SQL join statements and substrings.
File cabinet
For some file cabinet permissions, index field permissions are also necessary. To enable the user, e.g. to perform the file cabinet permission "Store," they must be able to write in at least one index field so that the document can be indexed.
Index fields
All fields of the file cabinet are listed in the left-hand column of this dialog. Specify what users with this profile are allowed to do with the fields.
Please note that some activities require multiple permissions. For example, to be able to edit documents the user requires both modify and read permission since only then will the documents be displayed.
Furthermore, the right to change index terms does not include the right to assign new, not yet existing index terms. If this is to be permitted, you must also assign the "Allow new entries" field right in another profile without an index filter. Use this second profile to control only the additional field authorization.
Field permissions also affect the visibility of the fields in the dialogs: without the field permission "Search" the users don't see the field in the search dialog, even if it is assigned to the search dialog at dialog level. The same applies to the permissions "Read" for the result list, "Write" for the storage dialog, and "Modify" for the index dialog.