Introduction to accounts and security

All activity in QBank is tied to a user. Which activity is available to a user is specified in the accounts admin panel. To simplify the sometimes very complex structure QBank utilizes groups, roles and functionality. 

All activity in QBank is tied to a user. Which activity is available to a user is specified in the accounts admin panel. To simplify the sometimes very complex structure QBank utilizes groups, roles and functionality. 

User

A user is the basis for all activity. All activity is somehow tied to a specific user. The user is the origin of most actions and can be used to control the security directly, though it is encouraged to base the security on groups.

The user has a username and password used to gain access to QBank, but may also retain information such as the person’s name, cell phone number, and address. The user’s e-mail address is always stored as it is used to send e-mail notifications to if needed.

A user may also select some preferences in QBank such as language, tab-behavior, and e-mail notification. 

Group

A group is a collection of users. One group may contain several users and a user may belong to several groups. As such it is the recommended way to enforce security. Any security setting on user level overrides the group-level settings, so it is possible to create exceptions from the standard security setup. The recommended usage is to create a group for each team that should have access in QBank, the more granular, the better. Overlapping groups is no problem; it may even be an advantage.

Category access can be set on group level. Each user then has access to the union of the categories defined by the groups they are members of.

In addition to its name, each group can have a description, which can be used to document the group’s purpose and intent. Each group should be connected to one or several roles.

Role

A role represents a piece of QBank functionality such as folder administration or media publishing. As such the role is connected to the groups that should have access to the functionality defined in the roles. QBank is delivered with a basic list of roles, but it is possible to create a custom role if a specific set is needed.

Functionality

A functionality is a single piece of QBank functionality and is very granular. It may reference a small part of a dialog or a single button. If the user lacks a functionality the actions they represents are not available. The functionalities available to the user is the union of functionalities in all roles connected to all groups the user is member of.