Introduction to Designer Role-Based Access Control (RBAC)
Overview
Designer RBAC (role-based access control), also known as Creator Also known as Unqork Users, or Designer Users; is anyone who is inside the Unqork platform. RBAC, manages Creator access to an Unqork Environment, and the individual Workspaces in the environment. Using Designer RBAC, administrators can assign Creators one of three standard roles, or create unique roles with a specific set of access permissions. Once Creators are assigned a role, administrators can further limit access to the Unqork platform by assigning Creators to individual workspaces.
Limiting Creator access to the environment and a workspace improves company security, and prevents Creators from accessing information they should not have. For example, if your company has two Unqork workspaces, and one workspace contains sensitive customer data, you could limit access to only Creators approved by administration.
Differences Between Environment and Workspaces RBAC
Environment and Workspaces RBAC RBAC (Role-Based Access Control) is a method to control system access for authorized users. The role in RBAC refers to the levels of access employees have to a network. provide Creator roles that control the level of permissions Creators have for an environment and its workspaces. While Environment and Workspaces RBAC provide control over different portions of the Unqork Designer Platform, their permissions can be combined to create a set of permissions for a Creator or user. Only administrators can assign Environment and Workspace roles to Creators and users.
Environment RBAC
Environment RBAC manages roles applied across all workspaces and Administration Settings, like Services Administration, Managed Assets, PDF Template Administration, and Style Administration. For example, users with application CRUD CRUD refers to the four critical operations for creating and managing data elements in your applications. It stands for create, read, update, and delete. permissions at the environment level can create, read, update, and delete data in all workspaces.
To learn more about managing Environment RBAC, view our Environment Level Role-Based Access Control article.
Workspaces RBAC
Workspaces RBAC manages roles that are applied to a specific workspace, and overrides Environment RBAC permissions for specific workspaces. For example, if a user has application CRUD CRUD refers to the four critical operations for creating and managing data elements in your applications. It stands for create, read, update, and delete. permissions at the environment level, assigning them the View role in a workspace prevents them from using their application CRUD permissions in that workspace.
To learn more about managing Workspaces RBAC, view our Workspaces Role-Based Access Control (WSRBAC) article.
Administrators can assign Update permissions for a user to update all workspaces. But, if there's a workspace that an administrator does not want updated, they can assign that same user the Can View permission for that workspace using Workspaces RBAC. Or, a user might have environment access to services and only view access to a specific workspace.
Here's a chart with an example of an architectural layout for an environment and two workspaces:
Designer RBAC Permissions
The Unqork Designer Platform uses Designer RBAC permissions to control how Creators access an environment or workspace. Environment and Workspace permissions are similar, but provide different functions. Use the tables below to compare how each permission's function:
Environment Permissions
Environment permissions are assigned to standard or custom roles using the Creator Role Administration page. Once roles are set, administrators can assign or change a Creator's role using the Creator (User) Administration page.
|
Permission |
Description |
|---|---|
|
View |
Can view the chosen Designer element but cannot make changes. |
|
Update |
Can make changes to the chosen Designer element. |
|
Create |
Can add new Designer elements. |
|
Delete |
Can remove the chosen Designer element from your environment. |
|
Promote |
Can move the chosen Designer element up to the next environment level. |
Learn how to assign roles containing environment permissions using our Creator (User) Administration article.
Workspace Permissions
Workspace permissions are assigned using the Workspace's User Permissions settings. Workspace permissions override Environment permissions for that workspace.
|
Permission |
Description |
|---|---|
|
Can View |
Can view elements in the workspace, but not modify them. |
|
Can Edit |
Can add, edit, or remove elements from the workspace. |
|
Can Manage |
Same access as Can Edit, but can also add or remove users from the workspace. |
|
No Access |
Cannot view, edit, or modify elements in the workspace. |
Learn how to use Workspaces RBAC using our Workspaces Role-Based Access Control (WSRBAC) article.
Resources
