User Rights

You can allow or restrict features that users can use, for each organization, user, or role.
Set the following permissions.

  • Access Permissions
    Permissions for accessing categories and folders. For some applications, you can limit actions such as editing and deleting.
    In combination with the security model, you can set what you allow or disallow.
  • Permission
    User is authorized to use the features of the application.
    In combination with the security model, you can set what you allow or disallow.

Security Model

Security model is a feature that allows you to select targets to allow actions, or to select targets to prohibit actions.
If you change to the appropriate security model, targets for which you set access permissions are reduced, and it becomes easier to manage.

Select one of the following security models.

GRANT (Only users on the list have access)

Set organizations, users, or roles that you want to allow actions.
When you set access permissions for organization or role, they are applied to all users who are members of the organization or the role.

Diagram showing the state of GRANT

REVOKE (All users have access except users on the list)

Set organizations, users, or roles that you want to prohibit actions.
When you set access permissions for organization or role, they are applied to all users who are members of the organization or the role.

Diagram showing the status of REVOKE

Changing the Security Model

You can change the security model on the screen to set access permissions and rights.
You can select one of the followings.

  • GRANT (select targets to allow actions):
    Select organizations, users, or roles that you want to allow actions.
  • REVOKE (select targets to restrict actions):
    Select organizations, users, or roles that you want to restrict actions.

Here we provide an example of changing the security model for the "Domestic Sales Department" category in the bulletin board.

Steps:

  1. Click the administration menu icon (gear icon) in the header.

  2. Click System settings.

  3. Select "Application settings" tab.

  4. Click Bulletin Board.

  5. Click Edit user rights.

  6. On the "Edit user rights" screen, select the "Domestic Sales Department" category and click Edit.

  7. On the "User rights" screen, click Change in the "Security model".

    Screenshot: Link to change is highlighted in the list of User rights screen

  8. On the "Change Security Model" screen, change the security model and click Edit.

    Image of the security model changing screen

  9. Click Yes on the "Change Security Model" screen.

User Rights

By setting access permissions, you can limit actions users can perform, such as actions against bulletin board categories and file management folders.
Access permissions can be set for each organization, user, or role.
For example, only users who are members of the board and the members of the secretarial department can view the "Confidential" category in the bulletin board.

You can set access permissions in the following applications.

  • Portal
  • Portlet
  • Bookmarks
  • Scheduler
  • Bulletin Board
  • Cabinet
  • Phone Messages
  • Workflow
  • MultiReport

For details on prioritized access permissions when a target has more than one access permissions, refer to the "Prioritized Access Permissions" section.

Permission

By setting permissions, you can limit the use of some application features, such as the My portal and the Personal Address Book.
Permissions can be set for each organization, user, or role.
For example, only users who belong to the General Affairs Department or the Sales Department can use the shared address book.

You can set permissions in the following applications

  • Portal
  • Address Book
  • KUNAI