|
||
 |
||
|
|
||
|
||
Inhalt
|
|||||||||||||||||||||||||||||||||||||||||||||
 |
|||||||||||||||||||||||||||||||||||||||||||||
|
In Main//Pyrus you decide between effective and personal permissions. You receive personal permissions as a user personally. But there are other ways to receive permissions: If a group you belong to have permissions for a project, you could read it despite not having these permissions. If the group don’t have this permission, but you have the personal permission that grants you access to this project you has of course access to this project. So you or the group just have to own that permission to access the project. Groups can be a part of other groups which means that you may get permission over many different ways, e.g. you and your group haven’t the read permission to this project but a super ordinate group your belong to have it, you and your group have it, too. So if a user had the permission to see a certain project, eventually wouldn’t depend on his personal permissions. The permission that is at least used is called effective permission.
Main//Pyrus uses the concept roles. So it's possible to create a role “Director“. The director/s will be assigned to it. If all the permissions would be consequently given to roles, the directors would have directly access to all documents to which the role Director has access to. If the director changed, the old one would be eradicated of the role and the new one would be assigned to it. He has instantly access to all documents out of this role. The role “Director“ can be a member of the role “management“. Main//Pyrus won't differ between roles and groups. That is possible because groups can also be members of groups. There would be two groups for the example above: “Director“ and “Management“.
Furthermore there's the possibility of a substitute: if a user e.g. made holidays, he could choose a user as his substitute. In this case he would limit the substitute. But it's also possible to create permanent substitutes. For example the secretary can errantly represent her boss. The result of the substitute is always, that the principal become the same permissions as the person he substitutes.
The owner of a document has automatically all permissions of the document. It's not possible to revoke the owner's permissions. Therefore it is warranted that there are no documents to which no one have access and which survive the system as funerals.
If you grant permissions you have to attend that you must choose out of the three possibilities : yes, no and never.
If you chose yes, you, as a group or a user, would receive the permissions; if you chose no, no permissions would be granted at that moment. Because of the aforesaid fact, that it's possible to receive permissions through groups and superior groups, you can choose "never". This "never" would overwrite every "yes" that you could possibly receive through group membership. But if you substituted a person who had the necessary permissions for that file, you could access that file despite the "never".
Recapitulate the permissions contain out off the following abilities:
Where a never can overwrite all yes
Personal permissions.
Group membership
group membership of the group in another group
Never have any influence on
substitutes
owner of documents or projects