Managing Users and Permissions

In this section you can know about:


Adding Users


Logged-in admin users can add more users to provide them access to the database application. For this, proceed to Users Add User > enter Name and Email Id as shown in the below given image.


Now the new user will be able to use the Google / Google Apps / Yahoo! user account associated with that email-id, to login and access the application.

If the user does not already have an user account with these services, they can signup for a new Google account with their existing email-id :

https://accounts.google.com/SignUpWithoutGmail
as shown in the image below :


The user can be provided permissions based on assigning them to a Role or by using Auth Profiles, details of which are given below.


Simple Role based access control


Users can be associated to roles which can be either adminuser or guest, as shown in the image below.


By default , admin users have permissions to all data and can perform all operations. Those in user role can add / update / delete non-admin records. Guest users will typically have read-only permissions. This can be customized to for custom entities, by configuring the Read Authorization and Write Authorization in the entity record.

If the Read Authorization and Write Authorization is set to admin, then only admin users can view / add / update / delete the records. Even those with the user role, will not be able to view the records from that entity.


Apart from simple role based access control, you can also specify fine-grained access privileges using authorization profiles, details for which are given below.

Using Authorization Profiles for fine-grain access control


With the help of Authorization Profiles (from under Admin > Auth Profiles > Add Auth Profile), one can allow / restrict access to specific operations alone, like controlling permission to View, Add, Edit, Delete, Export records or to Send Emails.

After adding an authorization profile, you will have to edit the user record to associate the Auth Profile, as shown in the image below.


For more details, kindly refer to the following blog post:
Access Control up to Field-Level, now possible in iFreeTools CRM & Creator.