Privilege and Roles management

Description of the Privilege System

In agileBase, there are three privilege levels, as well as an extra ‘Administrator’ privilege.

The three privileges take effect per user per table, i.e. a user can have certain privileges on one table and different ones on another.

The levels are

VIEW: ability to read data only EDIT: ability to read and edit data MANAGE: ability to modify the database structure, i.e. create/delete tables, fields, reports etc., basically to build up and tear down databases. MANAGE also allows a user to unlock an individual record for editing if it has been locked.

For people with less privileges, the user interface is simplified.

Assigning privileges 

As an administrator, to assign privileges, use the Administrator module at the bottom of pane 1.

The administrator privilege doesn’t apply to a particular table but is a global option that allows setting up of users, roles, assigning privileges and creating modules. To assign the administration privilege, you must make a user a member of the ‘admincompanyname‘ role (there will be a role called this, using the actual company name)

If the number of users you manage starts to become large, you may want to assign them roles, which allows privileges to be managed on a mass basis. If a user has a certain role, he/she has all the privileges assigned to that role. Users can have more than one role.

To assign privileges, click on the ‘Administration’ module then ‘users’ or ‘roles’. This will allow you to select a user/role and assign table privileges. Alternatively, you can come from the other direction by selecting a table from ‘Tables’ then going to the manage tab which will let you set user/role privileges for that one table.

When setting user privileges, agileBase will show any privileges that the user already has due to being a member of a role. In this example, the user has been given EDIT privileges specifically on customer details and site addresses and is a member of a role that has VIEW privileges on staff contact details.

View Preferences

Below the Privileges button is one called Views.

Normally, a user can see all views that include data from tables they have privileges to view. However, you may want more fine grained control. Reports preferences can be used to narrow down the list that individual users can see. This can be particularly useful if you want to allow clients access to selected parts of your data.

For even finer grained record level control, you can assign a specific per-user filter in the user details section.