220.127.116.11. Roles, Permissions and Objects
Access Control model in ONEWEB is based on Roles, Permissions and Objects. You can control rights of user using this model.
Role is a job function that defines an authority level and can be used to assign the level of permissions on each object. You can easily define a role and assign it to many users who have the same permissions.
Permission is an approval on the mode of access of an object or a group of objects. You can group similar usage of objects together as a single permission to easily manage and to be assigned to many roles and users.
Object is a thing that needs to be access controlled and protected. Object can be anything you need to control permission such as button, textbox, menu, page, file etc.
The things to keep in mind are:
- A user can have many roles.
- A role can be assigned to multiple users.
- One role can have multiple permissions and many objects.
- One permission can be assigned to multiple roles.
- One permission can have many objects.