i4designer Knowledgebase

i4designer Security

Abstract

For greater security and organization learn how to manage your users and customize their permissions in the i4designer application.

Before managing the i4designer users it is important to understand how the roles and permissions work.

The i4designer Control Center provides the infrastructure necessary to control authentication and authorisation for user accounts, split up into the following sections:

Before moving into the details of the Users and Organizations Management menus, lets clarify the i4designer authorisation levels. The first level of authorisation is given by an optional user's affiliation to an Organization. The second level of authorisation is represented by a set of roles, each carrying on their own set of predefined permissions.

Hence, we can distinguish the following hierarchy:

  • Independent users

    • Administrator - The Independent or Tenant Administrator user is a super-administrator having no limits, from permissions point of view.

    • User - The Independent User is a basic user having access only to its own data (own projects, own account).

  • Organization users

    • Administrator - The Administrator user belonging to an Organization, is another super-user granted with unlimited permissions.

    • Organization Administrator - The Organization Administrator is a powerful user, however its permissions are limited to the Organization that it belongs to.

    • Organization User - The Organization User is a basic user having access only to its own data (own projects, own account).

Independent users

The users that are not affiliated to any Organization are the so called Independent users. After being authenticated, the authorization is done actively at every level of the application calculating the user's effective rights.

Permission

Administrator

User

See the list of projects

Yes

Yes

Create new projects

Yes

Yes

Import projects

Yes

Yes

Export projects

Yes

Yes

Edit projects

Yes

Yes, if project access is restricted to current user

No, if project is shared with organization

Delete projects

Yes

Yes, if project access is restricted to current user

No, if project is shared with organization

Open projects

Yes

Yes

Edit user profile

Yes

Yes

Change user password

Yes

Yes

See the Users menu

Yes

No

See the list of users

Yes

No

Edit users

Yes

No

Deactivate users

Yes

No

Delete users

Yes

No

See the list of pending user invitations

Yes

No

See the list of accepted user invitations

Yes

No

Resend pending invitation

Yes

No

Delete pending invitation

Yes

No

Send new user invitation

Yes

No

See the list of Organizations

Yes

No

Create Organization

Yes

No

Edit Organization

Yes

No

Delete Organization

Yes

No

Organization users

The Organization is a logical grouping of users belonging to the same entity. After being authenticated, the authorization is done actively at every level of the application calculating the user's effective rights.

Permission

Administrator

Organization Admin

Organization User

See the list of projects

Yes

Yes

Yes

Create new projects

Yes

Yes

Yes

Import projects

Yes

Yes

Yes

Export projects

Yes

Yes

Yes

Edit projects

Yes

Yes

Yes, if project access is restricted to current user

No, if project is shared with organization

Delete projects

Yes

Yes

Yes, if project access is restricted to current user

No, if project is shared with organization

Open projects

Yes

Yes

Yes

Edit user profile

Yes

Yes

Yes

Change user password

Yes

Yes

Yes

See the Users menu

Yes

Yes

No

See the list of users

Yes

Yes, but is restricted to users in own Organization

No

Edit users

Yes

Yes

No

Deactivate users

Yes

Yes

No

Delete users

Yes

Yes

No

See the list of pending user invitations

Yes

Yes, but is restricted to users in own Organization

No

See the list of accepted user invitations

Yes

Yes, but is restricted to users in own Organization

No

Resend pending invitation

Yes

Yes

No

Delete pending invitation

Yes

Yes

No

Send new user invitation

Yes

Yes, but is restricted to users in own Organization

No

See the list of Organizations

Yes

Yes, but is restricted to own Organization

No

Create Organization

Yes

No

No

Edit Organization

Yes

Yes

No

Delete Organization

Yes

No

No