Rights and Roles
- Technische Redaktion
Find an overview of the rights users get via their roles in yuuvis® architect and yuuvis® client.
Table of Contents
Introduction
Rights management in yuuvis® Momentum client and yuuvis® architect is role-based.
Depending on the description of the position and tasks, employees work with different data, functions, and tools. User rights for access to data, functions, and applications in accordance with the employees’ fields of duties and responsibility are grouped into roles in yuuvis® Momentum client and yuuvis® architect. In this way, users with the same fields of duties and responsibility also have the same rights in the system.
Users can view the roles assigned them via their settings.
Roles for Users and Administrators
The following roles can be assigned to users of yuuvis® Momentum client and yuuvis® architect in order to manage their permissions. Users can view the roles assigned to them in the settings menu.
Role | Permissions in yuuvis® Momentum client as reference implementation | Permissions in yuuvis® architect |
|---|---|---|
| YUUVIS_DEFAULT | Users have full access to all objects. | no impact |
| YUUVIS_CREATE_OBJECT | Users are allowed to create objects. In the graphical user interface, a + icon is shown in the yuuvis® Momentum bar. | no impact |
| YUUVIS_MANAGE_SETTINGS | Users are allowed to customize the global standard configurations for hit lists and filters in the settings menu. Those standards will be the default settings for (new) users that have not saved their own user-specific standard configurations so far. | no impact |
| YUUVIS_SYSTEM_INTEGRATOR | Administrative object information is provided to users in the metadata forms of any object in the system. | Users can modify metadata forms in the metadata aspect area for any object type defined in the global system schema or in an app-specific schema. Users can customize the localization of the labels associated with object types defined in the global system schema or in an app-specific schema. Users can add or delete users of their own tenant and assign roles to them. |
| YUUVIS_TENANT_ADMIN | Administrative object information is provided to users in the metadata forms of any object in the system. | Users can modify metadata forms in the metadata aspect area for any object type defined in the tenant-specific schema. Users can customize the localization of the labels associated with object types defined in the tenant-specific schema. Users can add or delete users of their own tenant and assign roles to them. |
| YUUVIS_MULTI_TENANT | no impact | Users with accounts in multiple tenants can easily switch between their tenants via Switch tenant instead of a conventional logout. |
Role Sets
The roles listed above are defined in a role set provided for yuuvis® Momentum client and yuuvis® architect. The core system of yuuvis® Momentum allows for the definition of custom role sets as well. But be aware that you will not be able to use yuuvis® architect or yuuvis® Momentum client. Instead, you can build your own custom client.
>> Access Authorization and Permissions
Summary
Rights management in yuuvis® architect is based on the same role set that is used for yuuvis® Momentum reference client. Administrators need the YUUVIS_TENANT_ADMIN role to manage object types of the tenant (tenant-specific schema) or YUUVIS_SYSTEM_INTEGRATOR role to manage object types of the system (system-schema) including applications (app-schemas). Each of the two roles enables administrators to add or delete users of their own tenant and assign roles to them.