Permissions

What is a Permission?

Permissions are specific rights or privileges assigned to users to control their access to various actions and data within the platform. Permissions represent the most granular level of access control, essential for ensuring that users only have access to the features and data necessary for their role. This provides a foundational layer of security and access management.

Key Characteristics of a Permission

• Name: A unique identifier for the permission, specifying the action or access the permission allows.

• Description: An optional field providing additional context or explanation about the permission's purpose.

• Example: For permission related to managing employee records:

  • Name: Employee_Record_Access

  • Description: Allows access to employee records.

Permissions are assigned to specific actions or queries at the action/query level within the platform. This means that while permissions define what can be done, they are linked to actions where the actual control is enforced.

Structure of Permissions

Permissions are typically grouped into roles, which are then assigned to users. This structured approach simplifies the management of user access and ensures that permissions are applied consistently across the platform.

• Example: An HR Manager role might include permissions such as Employee_Record_Access and Salary_Data_Access, allowing users with this role to perform specific actions related to these permissions.