Skip to main content

Understand the connection between permissions, access control and qualifications

In this article, we will explore the differences between roles, permissions, qualifications, and access control

Simon Seher avatar
Written by Simon Seher
Updated over a week ago

In this article, we will discuss the differences between roles, permissions, qualifications, and access control.

Differences between roles, permissions, qualifications, and access control.

Regardless of the defined user role, access control prevents users from viewing, opening, or editing a document or report. Thus, the system blocks unauthorized access to resources on the platform, unlike roles, which only define the general framework of functionalities.

A user's roles (e.g., Editor, Assistant) determine which actions they can perform with orders, documents, and/or reports. An "Editor" (or content creator) can edit documents, while an "Operator" can initiate and execute created content as an order, report, or task.

Access control goes further by regulating which specific user (or user group) has access to which specific documents, reports, orders, or tasks—regardless of their role.

Thus, access control enables a more precise management of access to individual contents, going beyond role-based permissions.

Within a role, all functional parts of the software can be activated or deactivated via the permissions table.

Qualifications come into play when the operator must meet certain requirements in the form of a qualification to execute a report or an entire order.

The following list is intended to assist you.

Permissions table

Permission

Effect

Further Information

Orders

Enables the basic menu item “Orders” in the left side menu and provides a view of the orders.

Creating and edit orders

Orders can be created using the “New order” button, existing order data can be modified.

Manage order series (rules)

The menu item “Series (rules)” appears in the left side menu, where entire order series can be planned and created in advance for the future.

Adjust schedule for individual steps

Exceptions and individual rules can thus be mapped within the order series creation/processing (visible by clicking on the inserted document -> right side menu “Schedule of individual steps”).

Archive & manage archived

This allows orders to be removed from the order overview list and removed orders to be restored.

Attach, detach and reorder documents and reports

Users with this authorization can add new documents (or reports) within an order, remove existing ones from the order and completely rearrange the order.

Permission

Effect

Further Information

Reports

Enables the general "Reports" menu item in the left sidebar, allowing access to ongoing and completed reports.

Start from document

When enabled, adds the menu item "Start Report" in the left menu. Allows operators to execute created documents as reports.

Use QR-Scanner

Allows linking and calling documents via QR codes. Enables the "QR Scanner" menu item in the sidebar.

Show completed reports

Allows reopening of completed reports. A relevant menu option is shown in the report details section.

Allow customizing report name and class characteristics

Allows modification of the title and classification for ongoing reports.

show report timestamps

Enables/disables the display of employee names and timestamps during report handling.

May be required by the works council.

Reopen report

Allows reopening of completed reports. Intended for specific roles/users.

All actions are audit-logged.

Create file exports (PDF, CSV, XLSX)

Adds options in the report details view (top-right kebab menu) for exporting report data.

Archive & manage archived

Allows archiving of reports not needed anymore and reactivation from the archive.

Manage external access to reports

Enables sharing specific reports with individuals without Operations1 access (read-only). Found in kebab menu of report detail view.

Permission

Effect

Further Information

Tasks

General permission to access the "Tasks" menu in the left sidebar.

Delete tasks

Grants permission to delete existing tasks.

Permission

Effect

Further Information

Documents

Allows both internal and external sharing of document links. The “Share Link” option can be found either in the table view (row-end kebab menu) or in the document detail view.

Dokumente in Operations1 erstellen: Neue Dokumente mit Operations1 erstellen | Operations1

Manage external access to documents

Allows the internal and external sharing of document links.

‘Share link’ can be found either in the tabular document overview on the right in the row (kebab menu) or directly in the document detail overview, also at the top right in the kebab menu.

Classify multiple documents

This can be used to classify several documents at once in the table document overview!

Publish directly without review

Ist diese Berechtigung aktiviert, können Dokumente direkt und ohne Gegenprüfung veröffentlicht werden.

Review and approve to publish

Diese Berechtigung gibt der adressierten Rolle die Möglichkeit zur Freigabe angefragte Dokumente zu überprüfen und anschließend

Attache tags to interactions

If this authorisation is enabled, documents can be published directly and without cross-checking.

Remove multiple documents

This grants the role the authorisation to remove several documents at once in the tabular document overview (checkboxes).

Create autofill-interaction

AI Document Automator

If this authorisation is activated, users in this role can also use the AI Document Automator in the ‘Documents’ area in addition to classic document creation. In the documents area, the button is displayed directly next to the ‘Document.

Global Assets

This authorisation enables general access to global assets (media and materials).

Manage global assets

Permission

Effect

Further Information

Analytics

The ‘Analytics’ menu item is activated / deactivated with this permission.

Detailed analyses: Quartile und Boxplots

Cycle times

Get access to the ‘ Processing times’ feature in ‘Analytics’!

Permission

Effect

Further Information

Qualifications

Give the role the basic permission for the feature qualification

Manage qualifications

Allows the role, for example, to add or remove a corresponding qualification as a requirement for a document.

Permission

Effect

Further Information

Settings

Report execution

Authorisation to start and edit reports. The ‘Start report’ item appears in the menu on the left-hand side.

PDF report

Enables the role to output reports as finished PDFs.

Users

This gives you access to a user overview and allows you to edit user profiles!

Note: This should only be reserved for administrators!

  • Set user to API access only

Define whether it is an API user and generate a secret token for further use!

User groups

This authorisation enables access to user group management.

Manage access control via created user groups.

  • Delete user group

Roles & permissions

This makes the ‘Roles’ and ‘ Permissions’ areas accessible. The menu item is visible in "System settings -> User administration".

Note: These areas should only be accessible to administrators!

Authentication provider

This allows the ‘Auth provider’ area to be displayed in the system settings.

Interaction tags

With this authorisation, you activate the ‘Interaction tags’ menu item.

You can also use this authorisation to activate or deactivate interaction tags in the entire software for the specific role!

Document tags

This enables you to activate the ‘Document tags’ menu item. Here you can create and manage tags and activate/deactivate document tags with this authorisation (document tags are set in a document in the ‘Information’ tab).

Classes

Class characteristics

Classifier Filter

Units

If this authorisation is granted, the ‘Units’ menu item appears in the system settings and you can create your own units (and use them later in documents)

QR-codes

Enable / disable access to the creation/management of QR codes (System settings -> Data centre -> QR codes). In addition, allow / prohibit the specific role from using QR codes in the software. (QR code scanner under ‘Start report’ is displayed / not displayed)

Automator

Webhooks

To configure webhooks accordingly, you can make the area accessible using this authorisation.

API permissions

If this authorisation is active, you can create an API user (token) in the user table.

Tokens

Ist diese Berechtigung aktiv, können Sie in der Benutzer-Tabelle einen API-User (Token) erstellen.

Permission

Effect

Further Information

Access Control

Activates the basic ‘Access documents’ for that role.

Overwrite access control

Important! Overwrites any access restriction that has been set!

Note: Only use this function as long as you have not fully implemented the access authorisation.

Manage access

The access authorisations for the respective document, report, task or order can be managed under the ‘Access’ tab.

Did this answer your question?