Rights

You can assign different types of rights to a role for one individual function:

• Allowed: The function is allowed in this role.
• Necessary: This function can only be performed by users who have this role.
• Prohibited: The function is prohibited in this role.

It is also possible for a role to have no relationship to a particular function; not every function needs to be defined in every role. Meanwhile, it is also possible for a function to be assigned to more than one role with the same or different types of rights.

For a user to access a particular function, the following conditions must be met:

• The user must have at least one role that allows the function.
• They need to have all roles that are necessary for the function.
• The user cannot have any role that prohibits the function.