This section is still being revised.
All users can view all public resources and edit their own record. Some users will have additional permissions, for example to view or edit particular resources. These permissions are based on the user's roles:
The Super User role gives full permissions for all the resources belonging to an entity
Other Entity Roles, such as Assistant RGC, can be configured to give permissions for some or all of the resources belonging to an entity. The standard CRG roles have been set up with default permissions.
Document Roles, such as Co-author or Module Editor, give access rights for the relevant document
There are four ways a user may have a particular permission:
As part of the permissions all users have - such as the ability to view all persons.
From having an Entity Role - for example a RGC's permission to Publish reviews . Only some Entity Roles come with default permissions, but they can all be customized at the entity level.
From having a Document Role - such as Contact authors' permission to edit their reviews.
As a stand-alone permission assigned by a system Administrator - these are rarely used.
Note: Permissions are only relevant for users - without an account, you cannot do anything. See Becoming a user.
See Entity role permissions, Document roles
All users have the following standard permissions:
ability to read and edit their own contact details
ability to read (but not edit) non-hidden contact details for all persons
ability to view the titles of all documents (but not read or edit the contents).
The Entity Role Super User gives 'full control' for all the entity's resources. This means the ability to create, read, and edit information, including (in some cases) information marked as ‘hidden’. It also allows the user to publish documents.
Super Users may wish to share their permissions with another member of their entity. In case you only wish to give the person in question a subset of the permissions, such as the ability to edit contact details, this can be done by modifying the permission level assigned to the person's Entity Role. For example, an RGC (as Super User) can modify the permission level for the Staff role in the CRG to allow all staff to create and edit persons.
Note: Assigning permissions to an Entity Role will affect both current and future users who have the role, but only within the entity in question.
See Editing Entity Roles and Entity Role permissions for more details.
In addition to having entity roles, e.g., Staff or Author, users can also be assigned roles in relation to specific documents.
See Document Roles for a description of the permissions that come with Document Roles.
See also Becoming a user, Entity roles, Document roles, Authoring and editorial phases