Setting Group Access Rights
Group access rights are configured on the User groups (access rights) tab in the Security system window. This tab lists all object types that have been configured in enaio® editor for the archiving system. You assign archive object types to the selected group and define the access rights to these archive object types.
Access rights to archive objects can be assigned as follows:
- Show index data (R)
- Write index data (W)
- Delete object (D)
- Output object (X)
(open, print, export)
- Write object (U)
(create and modify)
Each of the access rights can also be made dependent on a clause.
In order to delete archived documents, a user requires the 'Client: Delete archived documents' system role. In enaio® enterprise-manager, you can select whether to simply remove archived documents from the recycle bin or delete them physically from storage media.
To print documents, users require the 'Client: Print documents' system role.
Folder Access Rights
If a user does not have the 'Show index data' right to access folders, the respective search form will not be shown in the object search. The search forms of the assigned tab pages and document types are also not displayed. As a result, users cannot search the full contents of all folders of this type.
The 'Write index data' folder access right includes the right to create new folders.
The user needs the 'Output object' folder access right in order to open folders.
Users with the 'Delete object' access right can only delete folders if they additionally have the right to delete all registers and documents within the folder.
The 'Write object' right to access folders does not have any function.
Register Access Rights
If a user does not have the 'Show index data' right to access registers, the respective search form will not be shown in the object search.
The 'Write index data' register access right includes the right to create new registers.
The user needs the 'Output object' register access right in order to open registers.
A user who wants to open a register via a reference, such as a notes window, additionally requires the 'Output object' right to access the folder and the register in which the register to be opened is located.
Users with the 'Delete object' access right can only delete registers if they additionally have the right to delete all registers and documents within the register.
The 'Write object' register access right does not have any function.
Only the access rights to the folder and the directly preceding register are checked in nested register structures – not additionally all registers in between.
Document Access Rights
If a user does not have the 'Show index data' right to access documents, the respective search form will not be shown in the object search.
The 'Write index data' document access right includes the right to create new documents without pages. To create a document with pages, the 'Write object' access right is also required.
A user who wants to open a document via a reference to the object, such as a notes window, additionally requires the 'Output object' right to access the folder and the register in which the document to be opened is located.
The rights for 'Group annotations' and 'Public annotations' are only relevant for image documents.
Only the access rights to the folder and the directly preceding register are checked in nested register structures – not additionally all registers in between.
Annotation Rights
Users with the 'Group annotations' right are allowed to create, hide, edit, and delete static group layers for documents of the indicated type. If they also have the 'Client: Edit static layers of other users' system role, they are allowed to hide, edit, and delete all static group layers.
Users with the 'Group annotations' right can create dynamic group layers, while every user can hide, modify, and delete these layers.
The same applies to public layers. Users with the 'Public annotations' right are allowed to create, hide, edit, and delete static public layers for documents of the indicated type. If they also have the 'Client: Edit static layers of other users' system role, they are allowed to hide, edit, and delete all static public layers.
Users with the 'Public annotations' right can create public layers, while every user can hide, modify, and delete these layers.
If users without annotation rights import documents into enaio® client, layers will be burned in indelibly. Users with the right to edit these documents ('Write object') will only edit the documents with burned-in layers. While checking in files, they will be saved with burned-in layers. Burned-in layers cannot be removed from the document.
Layers cannot be burned into PDF documents.
Object Type Access Rights
Follow these steps to assign groups access rights to object types.
- Open the Security system window.
- Click the User groups (access rights) tab.
- Select a user group from the User group list.
- Select the object types on the left-hand window to which the group should have access. Use the arrow icon to move the object types to the right-hand window.
- Select object types in the right-hand window.
- Activate the checkboxes to select the rights you want to assign.
PressAll to select all rights and None to deselect all rights.
- Click the Assign button. A summary of the new access rights will be displayed in the right-hand window.
- Click OK. The rights will be saved.
Access rights can also be made dependent on clauses (see 'Clauses').
You can print the access rights of user groups using the Print button. The Grouplist.xsl style sheet is used for the printout. The style sheet can be found in the admin component directory. You can edit the design.
The exclusion of locked users does not apply to users whose account has been locked after entering the wrong password three times.
on the right.
areas. Use the toolbar to show all hidden areas at once:
