Manage access policies
INFO
In order to use this part of the system you need to be a super admin. To get more informations abut how to manage super admins in RevasOS you can read the manage super admins guide.
Access policies are powerful access control tools to enable each collaborator to possess the roles they need to effectively perform their activities within the organization. An access policy consists of a document where each collaborator and team is associated with a list of roles. The links between a collaborator or team and a role is called an authorization policy.
Roles are predefined by the RevasOS system and are not modifiable. Roles possess a list of permissions that authorize collaborators and/or teams to use system resources.
If a user receives an access denied error, you probably need to configure the access policy to include that collaborator in the use of that particular function. More details on the roles and functions enabled for each app in RevasOS are available in the system administrator's console or within this documentation in the "Roles and Permissions" section for each app.
The IAM app allows super admins in organizations to manage collaborator-by-collaborator roles and define the types of operations and access they can perform on the system.
Permission list
The permission list contains in a table all the collaborators added with their permissions.
The table is divided into two columns:
- Member where the name of the collaborator is located.
- Roles with the list of all assigned roles
Clicking the Edit button at the end of each row takes you to the role editing editor.
Clicking the New Member button takes you to the editor for adding a new member with his or her permissions.
If changes are applied to a member or one is added, a notification panel appears above the member list that reads There ARE CHANGES TO PERMITS THAT HAVE NOT YET BEEN SAVED.
Clicking the Save button saves the changes applied to the list.
Roles filter
At the top of the table is a filter that allows you to change the way the list is displayed. By default, the filter is set to Members and each row represents a member.
By clicking Roles, each row represents a role, with all members having that role.
Editor to edit or create a new organization member
The editor is a panel that appears above the list of roles. The editor has the following fields:
- When adding a new member.
- SEARCH COLLABORATOR BY NAME when adding a new member. The search bar allows the member's name to be searched among the organization's collaborators
- In editing or once the new member is selected:
- MEMBER where the name of the collaborator is located - In editing, the collaborator cannot be removed.
- ROLES where the list of roles is located. Each role is a drop-down menu where you can select all roles. Next to each drop-down menu is a Remove Role button - clicking it removes the role.
Clicking the Add Role button creates a new row in the list of roles with a drop-down menu to select the role.
Clicking the Confirm button adds the member to the list of members with assigned roles.
Clicking the X-shaped button in the upper right corner cancels the changes.