In this article, we will discuss the differences between roles, permissions, qualifications, and access control.
Differences between roles, permissions, qualifications, and access control.
Regardless of the defined user role, access control prevents users from viewing, opening, or editing a document or report. Thus, the system blocks unauthorized access to resources on the platform, unlike roles, which only define the general framework of functionalities.
A user's roles (e.g., Editor, Assistant) determine which actions they can perform with orders, documents, and/or reports. An "Editor" (or content creator) can edit documents, while an "Operator" can initiate and execute created content as an order, report, or task.
Access control goes further by regulating which specific user (or user group) has access to which specific documents, reports, orders, or tasks—regardless of their role.
Thus, access control enables a more precise management of access to individual contents, going beyond role-based permissions.
Within a role, all functional parts of the software can be activated or deactivated via the permissions table.
Qualifications come into play when the operator must meet certain requirements in the form of a qualification to execute a report or an entire order.
The following list is intended to assist you.
Permissions table
Permission | Effect | Further Information |
Orders | Enables the basic menu item “Orders” in the left side menu and provides a view of the orders. |
|
Creating and edit orders | Orders can be created using the “New order” button, existing order data can be modified. |
|
Manage order series (rules) | The menu item “Series (rules)” appears in the left side menu, where entire order series can be planned and created in advance for the future. |
|
Adjust schedule for individual steps | Exceptions and individual rules can thus be mapped within the order series creation/processing (visible by clicking on the inserted document -> right side menu “Schedule of individual steps”). |
|
Archive & manage archived | This allows orders to be removed from the order overview list and removed orders to be restored. |
|
Attach, detach and reorder documents and reports | Users with this authorization can add new documents (or reports) within an order, remove existing ones from the order and completely rearrange the order. |
|
Permission | Effect | Further Information |
Reports | Enables the general "Reports" menu item in the left sidebar, allowing access to ongoing and completed reports. |
|
Start from document | When enabled, adds the menu item "Start Report" in the left menu. Allows operators to execute created documents as reports. |
|
Use QR-Scanner | Allows linking and calling documents via QR codes. Enables the "QR Scanner" menu item in the sidebar. |
|
Show completed reports | Allows reopening of completed reports. A relevant menu option is shown in the report details section. | |
Allow customizing report name and class characteristics | Allows modification of the title and classification for ongoing reports. |
|
show report timestamps | Enables/disables the display of employee names and timestamps during report handling. | May be required by the works council. |
Reopen report | Allows reopening of completed reports. Intended for specific roles/users. | All actions are audit-logged.
|
Create file exports (PDF, CSV, XLSX) | Adds options in the report details view (top-right kebab menu) for exporting report data. |
|
Archive & manage archived | Allows archiving of reports not needed anymore and reactivation from the archive. |
|
Manage external access to reports | Enables sharing specific reports with individuals without Operations1 access (read-only). Found in kebab menu of report detail view. |
Permission | Effect | Further Information |
Tasks | General permission to access the "Tasks" menu in the left sidebar. | |
Delete tasks | Grants permission to delete existing tasks. |
|
Permission | Effect | Further Information |
Documents | Allows both internal and external sharing of document links. The “Share Link” option can be found either in the table view (row-end kebab menu) or in the document detail view.
| Dokumente in Operations1 erstellen: Neue Dokumente mit Operations1 erstellen | Operations1 |
Manage external access to documents | Allows the internal and external sharing of document links.
‘Share link’ can be found either in the tabular document overview on the right in the row (kebab menu) or directly in the document detail overview, also at the top right in the kebab menu. | |
Classify multiple documents | This can be used to classify several documents at once in the table document overview! |
|
Publish directly without review | Ist diese Berechtigung aktiviert, können Dokumente direkt und ohne Gegenprüfung veröffentlicht werden. |
|
Review and approve to publish | Diese Berechtigung gibt der adressierten Rolle die Möglichkeit zur Freigabe angefragte Dokumente zu überprüfen und anschließend |
|
Attache tags to interactions | If this authorisation is enabled, documents can be published directly and without cross-checking. |
|
Remove multiple documents | This grants the role the authorisation to remove several documents at once in the tabular document overview (checkboxes). |
|
Create autofill-interaction |
| |
AI Document Automator | If this authorisation is activated, users in this role can also use the AI Document Automator in the ‘Documents’ area in addition to classic document creation. In the documents area, the button is displayed directly next to the ‘Document. | |
Global Assets | This authorisation enables general access to global assets (media and materials). |
|
Manage global assets |
|
|
Permission | Effect | Further Information |
Analytics | The ‘Analytics’ menu item is activated / deactivated with this permission. | Detailed analyses: Quartile und Boxplots |
Cycle times | Get access to the ‘ Processing times’ feature in ‘Analytics’! |
|
Permission | Effect | Further Information |
Qualifications | Give the role the basic permission for the feature qualification | |
Manage qualifications | Allows the role, for example, to add or remove a corresponding qualification as a requirement for a document. |
|
Permission | Effect | Further Information |
Settings |
|
|
Report execution | Authorisation to start and edit reports. The ‘Start report’ item appears in the menu on the left-hand side. | |
PDF report | Enables the role to output reports as finished PDFs. |
|
Users | This gives you access to a user overview and allows you to edit user profiles! | Note: This should only be reserved for administrators! Create users en masse: Create multiple users in bulk | Operations1 |
| Define whether it is an API user and generate a secret token for further use! | Users, roles & API access: Create, manage and assign users and roles | Operations1 |
User groups | This authorisation enables access to user group management. | Manage access control via created user groups. |
|
|
|
Roles & permissions | This makes the ‘Roles’ and ‘ Permissions’ areas accessible. The menu item is visible in "System settings -> User administration". | Note: These areas should only be accessible to administrators!
|
Authentication provider | This allows the ‘Auth provider’ area to be displayed in the system settings. | |
Interaction tags | With this authorisation, you activate the ‘Interaction tags’ menu item. You can also use this authorisation to activate or deactivate interaction tags in the entire software for the specific role! |
|
Document tags | This enables you to activate the ‘Document tags’ menu item. Here you can create and manage tags and activate/deactivate document tags with this authorisation (document tags are set in a document in the ‘Information’ tab). |
|
Classes |
|
|
Class characteristics |
|
|
Classifier Filter |
| |
Units | If this authorisation is granted, the ‘Units’ menu item appears in the system settings and you can create your own units (and use them later in documents) |
|
QR-codes | Enable / disable access to the creation/management of QR codes (System settings -> Data centre -> QR codes). In addition, allow / prohibit the specific role from using QR codes in the software. (QR code scanner under ‘Start report’ is displayed / not displayed) |
|
Automator |
|
|
Webhooks | To configure webhooks accordingly, you can make the area accessible using this authorisation. | Overview: Provided Webhooks
|
API permissions | If this authorisation is active, you can create an API user (token) in the user table. |
|
Tokens | Ist diese Berechtigung aktiv, können Sie in der Benutzer-Tabelle einen API-User (Token) erstellen. |
|
Permission | Effect | Further Information |
Access Control | Activates the basic ‘Access documents’ for that role. | |
Overwrite access control | Important! Overwrites any access restriction that has been set!
Note: Only use this function as long as you have not fully implemented the access authorisation. | |
Manage access | The access authorisations for the respective document, report, task or order can be managed under the ‘Access’ tab. |
|