RBAC Administration setup
File Stream uses RBAC (Role Based Access Control) as the foundation of its setup structure. See diagram below giving a general overview.
A role can be defined in a variety of ways. The most common setup is to create File Stream roles to mirror the job roles within a company. Possibly..
|SALES ROLES||Sales Manager|
|Sales Northern Region|
|Sales Southern Region|
|HR ROLES||HR Manager|
|ACCOUNTS ROLES||Accounts Manager|
|Sales Ledger Administrator|
|Purchase Ledger Administrator|
A company can have as many roles as they require. Once a role is created, permissions can be applied to it. It is possible for a user (included in several roles) to log into File Stream as a particular role and as such will view only cabinets and permissions associated to that role.
Role permissions fall into 3 categories:
This section allows you to specify which system functions you want users to have access to. The Icons for any features you turn off will not be visible when they log into the program. This results in a very simplified,uncluttered look and feel to the software for the users. The list of features to turn on and off is extensive and includes Search, Index, Scan, Annotate, Append etc. etc. It is now possible to allow certain Administration tasks and not others.
2. IN-TRAY PERMISSIONS
Very similar to existing process simply apply in-tray permissions to the roles rather than the old Groups.
Highlight each cabinet (viewable by the selected Role) in turn and apply permissions separately to each. This means for example that you can allow editing or deleting of documents in one cabinet but not another.
Select the FIELDS tab to choose which fields in each cabinet you want the ROLE to see when the users Index and Search. In addition to the above, it is now possible to say which values in a field a user(s) is allowed to search for. For example Roles could be set up for individual sales people with permissions to ensure that they can only view documents relating to their own customers. Alternative uses would be to prohibit certain users from searching for documents such as price lists whilst still allowing access to general documents or in the area of finance stopping users viewing invoices above a certain value. There offers a huge amount of versatility.
It has been possible for some time now to set up FILTERS at cabinet level. Many Finance departments set up one CABINET with filters set as types of document e.g. Supplier Invoices, Expenses forms, Payslips. As part of the process you then specify which fields in the cabinet should be available to each filter. RBAC now allows you to specify which filters can be viewed by which roles. The benefits of this approach are twofold; it makes it easy for users to file documents as they know exactly which fields to complete whilst at the same time making it possible to have one cabinet for all finance documents rather than several.
PLEASE NOTE - Our Advanced RBAC Module is required to set rules against individual cabinet fields and to specify which Filters are viewable by which roles.
Prior to a system installation, we encourage customers to thought through the ROLE structure that would suit their company best.