i4designer Security
For greater security and organization learn how to manage your users and customize their permissions in the i4designer application.
Before managing the i4designer users it is important to understand how the roles and permissions work.
The i4designer Control Center provides the infrastructure necessary to control authentication and authorization for user accounts, split up into the following sections:
Before moving into the details of the Users and Organizations Management menus, let's clarify the i4designer authorization levels. The first level of authorization is given by an optional user's affiliation to an organization. The second level of authorization is represented by a set of roles, each carrying on its own set of predefined permissions.
Hence, we can distinguish the following hierarchy:
Administrator - The Independent or Tenant Administrator user is a super-administrator having no limits, from a permissions point of view.
User - The Independent User is a basic user having access only to its own data (own projects, own account).
Administrator - The Administrator user belonging to an Organization, is another super-user granted unlimited permissions.
Organization Administrator - The Organization Administrator is a powerful user, however, its permissions are limited to the Organization that it belongs to.
Organization User - The Organization User is a basic user having access only to its own data (own projects, own account).
Independent users
The users that are not affiliated with any Organization are the so-called Independent users. After being authenticated, the authorization is done actively at every level of the application calculating the user's effective rights.
Permission | Administrator | User |
|---|---|---|
See the list of projects | Yes | Yes |
Create new projects | Yes | Yes |
Import projects | Yes | Yes |
Export projects | Yes | Yes |
Edit projects | Yes | Yes, if project access is restricted to the current user No, if the project is shared with an organization |
Delete projects | Yes | Yes, if project access is restricted to the current user No, if the project is shared with an organization |
Open projects | Yes | Yes |
Edit user profile | Yes | Yes |
Change user password | Yes | Yes |
See the Users menu | Yes | No |
See the list of users | Yes | No |
Edit users | Yes | No |
Deactivate users | Yes | No |
Delete users | Yes | No |
See the list of pending user invitations | Yes | No |
See the list of accepted user invitations | Yes | No |
Resend pending invitation | Yes | No |
Delete pending invitation | Yes | No |
Send new user invitation | Yes | No |
See the list of Organizations | Yes | No |
Create Organization | Yes | No |
Edit Organization | Yes | No |
Delete Organization | Yes | No |
Organization users
The Organization is a logical grouping of users belonging to the same entity. After being authenticated, the authorization is done actively at every level of the application calculating the user's effective rights.
Permission | Administrator | Organization Admin | Organization User |
|---|---|---|---|
See the list of projects | Yes | Yes | Yes |
Create new projects | Yes | Yes | Yes |
Import projects | Yes | Yes | Yes |
Export projects | Yes | Yes | Yes |
Edit projects | Yes | Yes | Yes, if project access is restricted to the current user No, if the project is shared with an organization |
Delete projects | Yes | Yes | Yes, if project access is restricted to the current user No, if the project is shared with an organization |
Open projects | Yes | Yes | Yes |
Edit user profile | Yes | Yes | Yes |
Change user password | Yes | Yes | Yes |
See the Users menu | Yes | Yes | No |
See the list of users | Yes | Yes, but is restricted to users in own Organization | No |
Edit users | Yes | Yes | No |
Deactivate users | Yes | Yes | No |
Delete users | Yes | Yes | No |
See the list of pending user invitations | Yes | Yes, but is restricted to users in own Organization | No |
See the list of accepted user invitations | Yes | Yes, but is restricted to users in own Organization | No |
Resend pending invitation | Yes | Yes | No |
Delete pending invitation | Yes | Yes | No |
Send new user invitation | Yes | Yes, but is restricted to users in own Organization | No |
See the list of Organizations | Yes | Yes, but is restricted to own Organization | No |
Create Organization | Yes | No | No |
Edit Organization | Yes | Yes | No |
Delete Organization | Yes | No | No |