RBAC Administration setup
File Stream has decided to make significant changes to how permissions are set up in the program. It is adopting RBAC (Role Based Access Control). See diagrams below giving a general overview of how it works.
A role can be defined in a variety of ways. The most common requirement we come across is to create File Stream roles to mirror the job roles within a company. For example -
|SALES ROLES||Sales Managers|
|Salesman Northern Region|
|Salesman Southern Region|
|HR ROLES||HR Manager|
|ACCOUNTS ROLES||Accounts Manager|
|Sales Ledger Administrators|
|Purchase Ledger Administrators|
A company can have as many roles as it requires. Once a role is created, permissions can be applied to it. It is possible for a User (included in several roles) to log into File Stream as a particular role and as such will view only cabinets and permissions associated with that role.
Role permissions fall into 3 categories:
This section allows you to specify which system functions you want users to have access to. The Icons for any features you turn off will not be visible when they log into the program. This results in a very simplified, uncluttered look and feel to the software for the users. The list of features to turn on and off is extensive and includes Search, Index, Scan, Annotate, Append etc. etc.
It is now possible to allow certain Administration tasks and not others.
2. IN-TRAY PERMISSIONS
Very similar to existing process: simply apply in-tray permissions to the roles rather than the old Groups.
Highlight each cabinet (viewable by the selected Role) in turn and apply permissions separately to each. This means for example that you can allow editing or deleting of documents in one cabinet but not another.
Select the FIELDS tab to choose which fields in each cabinet you want the ROLE to see when the users Index and Search.
In addition to the above, it is now possible to say which values in a field a user(s) is allowed to search for. For example Roles could be set up for individual sales people with permissions to ensure that they can only view documents relating to their own customers. Alternative uses would be to prohibit certain users from searching for documents such as price lists whilst still allowing access to general documents, or in the area of finance, stopping users viewing invoices above a certain value. This offers a huge amount of versatility.
It has been possible for some time now to set up FILTERS at cabinet level. Many Finance departments set up one CABINET with filters set as types of document e.g. Supplier Invoices, Expenses forms, Payslips. As part of the process you then specify which fields in the cabinet should be available to each filter. RBAC now allows you to specify which filters can be viewed by which roles. The benefits of this approach are twofold; it makes it easy for users to file documents as they know exactly which fields to complete whilst at the same time making it possible to have one cabinet for all finance documents rather than several.