How user permissions are determined
The access a user has and the actions they can perform in the platform are determined based on the user’s permissions.
Permissions are not assigned directly to a user; instead, they are inferred from the user’s group memberships.
The way to control what permissions a user has is to:
- ensure the user is a member of the appropriate groups
  - this may require creating new groups
- manage the roles that are assigned to each group (noting that a role is a collection of permissions)
The roles assigned to a group are used to determine the permissions of the group members.
It is important to note that:
- custom groups can be members of other groups (as members they also obtain permissions through their parent groups)
- a user can belong to multiple groups
- permissions are determined in an additive fashion
The effect of the above can be explained using a few examples.
Example Scenario
Imagine the following groups and their roles:
- Reporting Users Group is assigned Role D
- Team Leaders Group is assigned Role A and Role C
- Managers Group is assigned Role A and Role B and is also itself a member of Reporting Users Group
Example Permission Determination
- If Lynette is a member of Reporting Users Group, Lynette will effectively have the permissions of Role D.
- If Talia is a member of Managers Group, Talia will effectively have the permissions of Role A, Role B and Role D (Role D is included here because Managers Group is a member of Reporting Users Group and therefore Talia is an indirect member).
- If Therese is a member of both Team Leaders Group and Reporting Users Group, then Therese will effectively have the permissions of Role A, Role C and Role D.
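
The scenario above can be worked through in code. The following is an added example, not the platform's own implementation. The dictionaries and the function names `role_sources` and `effective_roles` are assumptions made for illustration. Besides the additive result, it records the membership path behind each role, which is what an access review needs in order to spot roles that arrive through nested groups.

```python
# Added illustration of the scenario on this page; not the platform's code.
# Roles assigned directly to each group (taken from the example scenario).
GROUP_ROLES = {
    "Reporting Users Group": {"Role D"},
    "Team Leaders Group": {"Role A", "Role C"},
    "Managers Group": {"Role A", "Role B"},
}
# Nested membership: group -> the parent groups it is a member of.
GROUP_PARENTS = {"Managers Group": {"Reporting Users Group"}}
# Direct group memberships of each user.
USER_GROUPS = {
    "Lynette": {"Reporting Users Group"},
    "Talia": {"Managers Group"},
    "Therese": {"Team Leaders Group", "Reporting Users Group"},
}


def role_sources(user, user_groups=USER_GROUPS, parents=GROUP_PARENTS,
                 roles=GROUP_ROLES):
    """Return {role: [membership path, ...]} for every role the user holds."""
    sources = {}
    visited = set()
    # Start from the user's direct groups, then walk up through parent groups.
    stack = [(g, (g,)) for g in sorted(user_groups.get(user, ()))]
    while stack:
        group, path = stack.pop()
        if group in visited:  # each group is expanded once; this also stops cycles
            continue
        visited.add(group)
        for role in sorted(roles.get(group, ())):
            sources.setdefault(role, []).append(" -> ".join(path))
        for parent in sorted(parents.get(group, ())):
            stack.append((parent, path + (parent,)))
    return sources


def effective_roles(user, **kwargs):
    """Additive result: the union of roles from direct and indirect groups."""
    return set(role_sources(user, **kwargs))


if __name__ == "__main__":
    for name in USER_GROUPS:
        print(name, sorted(effective_roles(name)))
        for role, paths in sorted(role_sources(name).items()):
            print("   ", role, "via", "; ".join(paths))
```

A path with more than one group in it, such as Talia's route to Role D, marks a role granted indirectly through a parent group.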