Role-based Access Control (RBAC)
Roles, user actions and user (groups)
User actions are the logical grouping of protected features in Dime.Scheduler. These are defined by Dime and cannot be modified. By themselves, user actions mean nothing. It is only useful when roles are defined and assigned to users and user groups.
A role is nothing more than a collection of user actions. Administrators can assemble roles at their own discretion, just like they can decide which users (and groups) are assigned to which roles. Roles are independent of user actions and vice versa. Overlaps may be possible but are not a problem for Dime.Scheduler: the user will have access to all (distinct) user actions for the roles assigned to him.
The following is a simplified representation of the relationship between roles and user actions:
In this example, there are :
- Three roles with their own set of user actions
- Two roles are assigned to user groups
- One role is assigned to a user directly
User 1 will receive all user actions from role 3 and role 2. There are overlaps in these two roles but that doesn't matter, which creates the following result:
- Update appointment (role 2)
- Paste appointment (role 2)
- Personalization (role 2, role 3)
- Open details (role 2)