BSCW ServerHelp top
 previousnext 

Roles

Roles, Users and Access Rights

BSCW has the concept of roles. Roles are used to specify access rights for users.

When a users creates, e.g., a folder, he or she receives the role of a "Manager" of this folder and thereby the access rights associated with the role "Manager". (In general, a Manager has full control of the object.)

When inviting a user to a folder via [File --> Share --> Invite Member], it has to be specified in which role the new user shall become a member of the folder / workspace. The invited user then receives those access rights on the folder and the objects within the folder which are specified for the selected role.

Predefined Roles

Several roles are already predefined on each BSCW system. Usually the following roles are predefined: "Owner", "Manager", "Member", "Registered user", and "Restricted member" (but a BSCW system administrator may add further predefined roles).

Adding and Editing Roles

If access rights for an object (usually a folder) shall be specified which do not correspond to the access rights of one of the already predefined roles, a new role has to be created via the [Add role] operation. It is then necessary to specify a name for the role (e.g., "Student" or "Teacher") and assign access rights to the role. The assignment of access rights is either done by copying the access rights of an already existing role or by selecting from one of the predefined so called action classes "Get", "Get extended", "Change", "Change extended", "Share", and "Share extended". (These action classes have already been used for the access rights setting in BSCW version 3.x).

After a new role has been defined (based on an existing role or action class), it is usually necessary to modify the access rights for the role. This is done by selecting the particular role via the [Edit role] operation. This leads to a form which lists - grouped according to the action classes mentioned above - all possible operations of the BSCW system and indicates whether or not a particular operation is allowed for this role. By selecting or de-selecting operations from this list, the access rights of the role can be modified.

Afterwards a user can be invited with the new role and then automatically has the access rights that have been specified for this role.


 previousnext