Managing roles
This page explains the system predefined roles, and how to create roles and set up access permissions for custom roles.
Roles and permissions in Document.One
The following table describes roles that you can assign to users when you create them in Document.One:
| Role | Description | Notes |
|---|---|---|
| No role assigned | Users with this role can access the following resources:
| You can create a user with no role, and later assign a role to this user. |
| tf-admin | Users with this role can access the following resources:
| This role is by default assigned to the user that is automatically created when D1 is installed. Users with this role can access the Tribefire platform, which is a requirement for accessing D1 Administrator. |
| adx-admin | Users with this role can access the following resources:
| You need to assign tf-admin role to all adx-admin users. |
| adx-root | Users with this role have super administrator permissions to bypass all security restrictions. Users with this role must be used for for testing purposes. | You need to assign tf-admin role to all adx-root users. |
| custom role | D1 administrators can create custom roles, with privileges defined via the access control list. | N/a |
You need to manually create all roles except tf-admin and then assign them to users and groups.
To create a role
Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.
Select Roles from the Users & Groups menu.
All existing roles are listed.
Select New. New Role menu opens.
Give your new role a name and select Execute. Your role is now created and can be assigned to users and groups.
You must set up access rights for all custom roles by using access control operations.
To set up access rights for a custom role
Additionally, you can specify your own set of roles. The privileges for these roles are granted with the Access Control option, available for a Repository, Folder or Content:
Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.
Select a Repository, Folder, or Content.
In the Operation field, select the acess control level. For details on the available operations, see Access control operations.
Access Control is now set for the specified custom role.
To assign a role to a user
Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.
Select Users from the Users & Groups menu and proceed as explained below.
Select Open or Details from the action bar to edit a user.
Add the correct roles for this user. This action opens a transfer list - select the roles there and click Finish. Roles are now added to the editing form.
Click Apply.
To assign a role to a group
Log in to Document.One as a user with administrative permissions, and then open D1 Administrator.
Select Groups from the Users & Groups menu.
Follow the same procedure as for users.