|
KnowledgeTree organizes system users into users, groups, and roles.
Additionally, the content repository itself may be divided into separately accessed, and separately managed, Units.
Note: Only the KnowledgeTree administrator may add, edit, or delete these entities.
| • | User - as a KnowledgeTree user, you must belong to one or more groups and/or roles, in order to view and work with KnowledgeTree files and folders. This is because folder permissions may only be assigned to groups or roles, and not to individual users. |
| • | Group - a group (e.g. Editors, Management) contains one or more users, and it may contain one or more sub-groups. Individual users are organized into groups in order to assign the same set of folder permissions to multiple users. You may be added to a group based on, for example, your job description, your department, your location, and so on. Examples of groups include: 'Managers', 'Research', 'Marketing', or 'Accounts', and so on. Groups typically contain two or more users. If your organization has a small number of users, users may be divided into Roles, rather than Groups. |
| • | Role - roles may be used to assign specific permissions to a single user, or a single group (on a per directory basis), typically to perform a specific function in the business process, or in a workflow. |
| • | Unit - the unit concept is a method of dividing up your KnowledgeTree content repository into separately managed and even separately accessed areas. A unit displays as a folder in a pre-defined location of the folder structure, and a unit administrator may be assigned administrator rights on the folder, without having these permissions on the entire system. KnowledgeTree may be configured so that users may only view their unit folder on login. |
KnowledgeTree permissions are assigned on folders, to groups and/or to roles. From a permissions perspective, a group is a static collection of users - all users in a group have the permissions assigned to their group, on all folders and files where the group has been allocated permissions.
Roles allow you to assign permissions dynamically - you can assign one or more users or groups to a role that has its own permissions set up, typically specific to tasks that need to be performed by the role. Roles may be used in workflows, where specific users are required to transition a workflow or perform other workflow tasks. Roles may also be used to apply company-wide security policies in the document management system, or they can be used to allocate a specific permissions set up to particular users on specific folders - a user may have the 'Manager' role in one folder, and the 'Publisher' role in another folder.
Example
The following example describes how users may be practically assigned to Roles to perform specific tasks. Let's say you want to assign most of the available folder permissions to a group of users in the 'Accounting' group on the 'Accounts' folder, but you only want to give the departmental manager the 'delete' permission and the 'manage security' permission on the 'Accounts' folder.
In this case the departmental manager may be part of the Accounting group, but for purposes of their role as a manager, this user is assigned the 'manager' role, and the role is given an individual set of permissions that includes all the permissions of the group, plus the additional permissions they require to perform their role.
|
|
