Admin User Matrix

A matrix chart showing the user permissions in relation to other system profiles.  See User Profiles to set permissions on a per action basis per user profile.  This is a "who can see who" display of permissions, showing the degree of interaction possible between user profiles.  Along the X-axis is each user profile, with an entry representing that user's profile permissions compared to the corresponding profiles along the the Y-axis.   

  • Administration (“A”):

 The users of one profile can administer users of another profile. This privilege includes adding users of the specified type (if the  “add_users” privilege is set for the profile of the creating user), “become this user” (the administrator can convert itself into the administered user and it also includes the following Write, Read and View permissions.

Examples: ”]po[ Admins” for example should, in general, be able to administer all other types of users.  "Freelancers", in the example below, all “Employees” are allowed to administer freelancers.

  • Write (“W”):

The permission to modify user data.

  • Read (“R”):

The permission to read the user data (name, email, contact information, …).

  • View (“V”):

The permission to view the name of the user, but not the right to see the user's data. 

 


Accoun
ting

Custo
mers

Emplo
yees

Free
lancers

]po[ Admins

Project Mana
gers

Sales

Senior Mana
gers

Accounting

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R W A

Customers

v R w a

v r w a

v r w a

v r w a

V R W A

v r w a

V R W A

V R W A

Employees

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R W A

Freelancers

V R W A

v r w a

V R W A

v r w a

V R W A

V R W A

v R w a

V R W A

]po[ Admins

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R w a

Project Managers

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R W A

Sales

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R W A

Senior Managers

v R w a

V r w a

v R w a

V r w a

V R W A

v R w a

v R w a

V R W A

(Upper Case letters signify that the user has the permission, lower case that they do not.)

 

For users that belong to more than one profile group their total permissions are the union of their various profiles.  For example, a user who is both a "Senior Manager" and an "HR Manager" will have the aggregate permissions of these two profiles when interacting with other users, so belonging to multiple user profiles is not mutually exclusive.

 

For users wishing to interact with other users belonging to multiple profiles, their rights over the user are the intersection of their permissions over the multiple profiles.  For example an "Employee" wishing to view a user who is both a "Senior Manager" and an "HR Manager" must have view rights over both these profiles, not just one in order to view the other user.

 

USER 1 belongs to Profile A and B

USER 2 belongs to Profile C

USER 3 belongs to Profile C and D

 

USER 1 Permissions on USER 2 = { Profile A Permissions (w/respect to C)  ∪  Profile B Permissions (w/respect to C) }

USER 1 Permissions on USER 3 = { Profile A Permissions (w/respect to C)  ∪  Profile B Permissions (w/respect to C) } ∩  { Profile A Permissions (w/ respect to D) Profile B Permissions (w/ respect to D) }

 

 

References

 



  Contact Us
  Project Open Business Solutions S.L.

Calle Aprestadora 19, 12o-2a

E-08907 Hospitalet de Llobregat (Barcelona)

 Tel Europe: +34 932 202 088
 Tel US: +1 415 429 5995
 Mail: info@project-open.com