You are reading the documentation for an outdated Corteza release. 2024.9 is the latest stable Corteza release.

Permissions

The permissions interfaces can be accessed by clicking on the "Permissions" navigation item on the left navigation drawer in each one of the available Corteza systems.

This interface allows you to define some of the more general permissions such as the actual access to a specific service. Refer to …​ for a more fine-grained overview over all the possibilities.

Corteza system

System service permissions

Allow access to administration

Determines if the role is allowed to access the administration panel (the web application being defined here),

Grant permission on system service

Determines if the role is allowed to grant permissions on system service,

Access all settings

Determines if the role is allowed to access any setting defined under the system,

Manage all settings

Determines if the role is allowed to manage and edit any setting defined under the system,

Create new organization

Determines if the role is allowed to create a new organization,

Create new role

Determines if the role is allowed to create a new role,

Create new user

Determines if the role is allowed to create a new user,

Create new application

Determines if the role is allowed to create a new application,

Allow reminder assignment

Determines if the role is allowed to assign reminders to other users.

When denying access to system settings, this also prevents their usage from inside automation scripts or any other operation that might read these settings.

Organizations

Access to all organizations

Determines if the role is allowed to access any organization.

Applications

Access any application

Determines if the role is allowed to access any application,

Update any application

Determines if the role is allowed to update any application,

Delete any application

Determines if the role is allowed to delete any application.

Users

Read any user

Determines if the role is allowed to access any user,

Update any user

Determines if the role is allowed to update any user,

Delete any user

Determines if the role is allowed to delete any user,

Suspend any user

Determines if the role is allowed to suspend any user,

Unsuspend any user

Determines if the role is allowed to unsuspend any user,

Show email details

Determines if the role is allowed to see the email address of any user,

Show name details

Determines if the role is allowed to see the name of any user.

The ability to show/hide email address/name can be useful when defining a community instance and we wish to keep some privacy.

Roles

Read any role

Determines if the role is allowed to see any role,

Update any role

Determines if the role is allowed to update any role,

Delete any role

Determines if the role is allowed to delete any role,

Manage members for any role

Determines if the role is allowed to add/remove members from any role.

Corteza Low Code

Service permissions

Access to compose

Determines if the role is allowed to access Corteza Low Code,

Create namespaces

Determines if the role is allowed to create namespaces for Corteza Low Code,

Grant permissions on compose service

Determines if the role is allowed to manage permissions for Corteza Low Code,

Access all settings

Determines if the role is allowed to read any setting for Corteza Low Code,

Manage all settings

Determines if the role is allowed to manage any setting for Corteza Low Code.

If a role doesn’t have access to the Corteza Low Code, they will also not be able to access any application defined as a Corteza Low Code namespace.

Namespaces permissions

Access any namespace

Determines if the role is allowed to access any Corteza Low Code namespace,

Update any namespace

Determines if the role is allowed to update any Corteza Low Code namespace,

Delete any namespace

Determines if the role is allowed to delete any Corteza Low Code namespace,

Manage any namespace

Determines if the role is allowed to manage any Corteza Low Code namespace,

Create modules under any namespace

Determines if the role is allowed to create modules for any Corteza Low Code namespace,

Create charts under any namespace

Determines if the role is allowed to create charts for any Corteza Low Code namespace,

Create pages under any namespace

Determines if the role is allowed to create pages for any Corteza Low Code namespace.

Modules permissions

Read any module

Determines if the role is allowed to access any Corteza Low Code module,

Update any module

Determines if the role is allowed to update any Corteza Low Code module,

Delete any module

Determines if the role is allowed to delete any Corteza Low Code module,

Create record under any module

Determines if the role is allowed to create records for any Corteza Low Code module,

Read records under any module

Determines if the role is allowed to access records for any Corteza Low Code module,

Update records under any module

Determines if the role is allowed to update records for any Corteza Low Code module,

Delete records under any module

Determines if the role is allowed to delete records for any Corteza Low Code module.

Module fields permissions

Read any module field

Determines if the role is allowed to see any Corteza Low Code module field,

Update any module field

Determines if the role is allowed to update any Corteza Low Code module field.

Charts permissions

Read any chart

Determines if the role is allowed to see any Corteza Low Code chart,

Update any chart

Determines if the role is allowed to update any Corteza Low Code chart,

Delete any chart

Determines if the role is allowed to delete any Corteza Low Code chart.

Pages permissions

Read any page

Determines if the role is allowed to see any Corteza Low Code page,

Update any page

Determines if the role is allowed to update any Corteza Low Code page,

Delete any page

Determines if the role is allowed to delete any Corteza Low Code page.

Corteza Messaging

Service permissions

Access to messaging

Determines if the role is allowed to access Corteza Messaging,

Grant permissions on messaging service

Determines if the role is allowed to grant permissions on Corteza Messaging,

Access all settings

Determines if the role is allowed to access any Corteza Messaging setting,

Manage all settings

Determines if the role is allowed to manage any Corteza Messaging setting,

Create public channels

Determines if the role is allowed to create public Corteza Messaging channels,

Create private channels

Determines if the role is allowed to create private Corteza Messaging channels,

Create direct messages and group channels

Determines if the role is allowed to create direct Corteza Messaging channels to a specific user or a set of,

Channels permissions

Update any channel

Determines if the role is allowed to update any Corteza Messaging channel,

View any channel

Determines if the role is allowed to access any Corteza Messaging channel,

Join any channel

Determines if the role is allowed to join any Corteza Messaging channel,

Leave any channel

Determines if the role is allowed to leave any Corteza Messaging channel,

Delete any channel

Determines if the role is allowed to delete any Corteza Messaging channel,

Undelete any channel

Determines if the role is allowed to undelete (restore) any Corteza Messaging channel,

Archive any channel

Determines if the role is allowed to archive any Corteza Messaging channel,

Unarchive any channel

Determines if the role is allowed to unarchive any Corteza Messaging channel,

Manage members on any channel

Determines if the role is allowed to add or remove any Corteza Messaging channel members,

Manage attachments on any channel

Determines if the role is allowed to manage attachments of any Corteza Messaging channel,

Message sending on any channel

Determines if the role is allowed to send massages to any Corteza Messaging channel,

Reply to messages on any channel

Determines if the role is allowed to reply (create threads) to any Corteza Messaging channel message,

Embedding in messages on any channel

Determines if the role is allowed to embed external resources to any Corteza Messaging channel message,

File attaching on any channel

Determines if the role is allowed to upload files (attachments) to any Corteza Messaging channel,

Update own messages on any channel

Determines if the role is allowed to update own messages of any Corteza Messaging channel,

Update any message on any channel

Determines if the role is allowed to update any message or any Corteza Messaging channel,

Delete own messages on any channel

Determines if the role is allowed to delete own messages of any Corteza Messaging channel,

Delete any message on any channel

Determines if the role is allowed to delete any message of any Corteza Messaging channel,

React on messages on any channel

Determines if the role is allowed to add reactions to any message of any Corteza Messaging channel,