Skip to main content
Version: 2.8

Managing roles

This page explains the system predefined roles, and how to create roles and set up access permissions for custom roles.

Roles and permissions in Document.One

The following table describes roles that you can assign to users when you create them in Document.One:

RoleDescriptionNotes
No role assigned

Users with this role can access the following resources:

  • Document.One services overview page.
  • Repository Explorer.
  • Repository API.
You can create a user with no role, and later assign a role to this user.
tf-admin

Users with this role can access the following resources:

  • Access the Document.One services overview page.
  • Access the Tribefire platform.

This role is by default assigned to the user that is automatically created when D1 is installed.

Users with this role can access the Tribefire platform, which is a requirement for accessing D1 Administrator.

adx-admin

Users with this role can access the following resources:

  • Access the Document.One services overview page.
  • Access the D1 Administrator.
  • Acess the Tribefire Control Center.

You need to assign tf-admin role to all adx-admin users.

adx-root

Users with this role have super administrator permissions to bypass all security restrictions. Users with this role must be used for for testing purposes.

You need to assign tf-admin role to all adx-root users.

custom roleD1 administrators can create custom roles, with privileges defined via the access control list.N/a
Note

You need to manually create all roles except tf-admin and then assign them to users and groups.

To create a role

  1. Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.

  2. Select Roles from the Users & Groups menu.

    All existing roles are listed.

  3. Select New. New Role menu opens.

  4. Give your new role a name and select Execute. Your role is now created and can be assigned to users and groups.

Note

You must set up access rights for all custom roles by using access control operations.

To set up access rights for a custom role

Additionally, you can specify your own set of roles. The privileges for these roles are granted with the Access Control option, available for a Repository, Folder or Content:

  1. Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.

  2. Select a Repository, Folder, or Content.

  3. In the Operation field, select the acess control level. For details on the available operations, see Access control operations.

Access Control is now set for the specified custom role.

To assign a role to a user

  1. Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.

  2. Select Users from the Users & Groups menu and proceed as explained below.

  3. Select Open or Details from the action bar to edit a user.

  4. Add the correct roles for this user. This action opens a transfer list - select the roles there and click Finish. Roles are now added to the editing form.

  5. Click Apply.

To assign a role to a group

  1. Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.

  2. Select Groups from the Users & Groups menu.

  3. Follow the same procedure as for users.