What is the manual setting of permissions for records?

In contrast to the automatic setting of permissions, the manual approach does not utilise any automatic processes. This method of setting permissions is thus carried out separately for every record – this process is thus not as recommended for newly created data. If you want to work effectively in the long term, the automatic setting of permissions for records should be used for creating passwords. However, the manual setting of permissions is generally used when editing already existing records.

Adding additional users with permissions

In the previous section, it was clarified that permissions for records are granted either directly to one user or to several users grouped in a role. With this knowledge, the permissions can as such be set manually for a record. In the Passwords client module, you can access the permissions in the list view of a record in three different ways:

  1. Icon in the ribbon
  2. Context menu of a data record (right-click)
  3. Icon at the right edge of the reading pane

The author is created with all rights for the record. As described in the Authorization Concept, you can now add both roles and users. You can go to the search filter by right clicking on the tab or using the corresponding icon in the ribbon. The filter helps you to quickly find those users who should be granted permissions for the record in just a few steps.

The search filter opens in a separate tab. The filter can be configured as usual. The search is similar to the search in the list view.

The multiple selection is also enabled. It allows to add several users via the Windows standard Ctrl/Shift + left mouse button.

Setting and removing permissions

By default, all added users or roles receive only the “Read” right on the record. It can be extended as required. You can add users as well as administrative roles using the available tools. The right “Read” right at the beginning is sufficient to view the fields of the data record and to use the password. Write permission allows you to edit a data record. * The right “Authorize” is necessary to authorize other users to the record *. This is also used as a basis for the configuration of the seal.

Transferring rights

A simple right-click on a user can be used to copy and transfer rights configurations of users or roles to others in the context menu. In this context, the use of rights templates is also very practical. In the “Template” area of ​​the ribbon, you can save configured permissions, including all users, and reuse them for other records.

The transfer of rights and their reuse can be an important building block to create and maintain entitlement integrity. This method cannot rule out misconfigurations, but it will minimize the risk significantly. Of course, the correct configuration of these templates is a prerequisite.

The add right

The “add right” holds a special position in the authorization concept. This right controls whether a user/role is permitted e.g. to create a new record within an organisational structure. Consequently, this right can only be set in the organisational structure module. More…

Owner right

The owner right may be made available to each user. These rights are more of a guarantee. Once assigned, there is no way to remove users or roles with the owner right from the permissions for a record. This is only possible by the user or the role itself, as well as by users with the right “Is database administrator”.

The owner right thus prevents other users who have the “Authorise” right from removing any users from the record.

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.