Roles and Capabilities

This page presents the different roles and capabilities within the RIM-Nat application, organized into two levels: Portal and Project. These roles help structure permissions, defining what each user can view or manage in the application.

Portal-Level Roles and Capabilities

Each Portal is a workspace grouping projects, data layers, and users. Portal roles control who can access and manage resources in this workspace.

Role	Portal Access	Portal Admin	Layer Management	Project Management	User Management	View Project List
Portal Administrator	✅	✅	✅	✅	✅	✅
Portal Guest	✅	❌	❌	❌	❌	❌
Portal Collaborator	✅	❌	❌	❌	❌	✅
Portal Layer Manager	✅	❌	✅	-	-	✅
Portal Project Manager	✅	❌	-	✅	-	✅
Portal User Manager	✅	❌	-	-	✅	✅

Portal Role Descriptions

Portal Administrator: Complete access to all features within the portal, managing users, projects, and data layers without restrictions.
Portal Collaborator: Can see all projects within the portal (awareness of existence) and request access to them.
Portal Guest: Cannot see the full list of projects within the portal, only those they have been directly added to. They cannot request access to projects.
Specialized Managers:
- Layer Manager: Manages only the data layers within the portal.
- Project Manager: Creates, modifies, and deletes projects in the portal.
- User Manager: Responsible for adding and managing users within the portal.

ℹ️

Manager roles at the portal level are cumulative: a user can, for instance, hold both the Layer Manager and User Manager roles for expanded permissions.

⚠️

A user accessing a portal via a share link will automatically receive the guest role within that portal.

Project-Level Roles and Capabilities

Each Project represents a unit of work within a portal, with specific data layers and assigned users. Project roles determine access and actions users can perform within each project.

Role	Project Access	Project Admin	Layer Management	User Management	View Users
Project Administrator	✅	✅	✅	✅	✅
Project Guest	✅	❌	❌	❌	❌
Project Collaborator	✅	❌	❌	❌	✅
Project Layer Manager	✅	❌	✅	-	✅
Project User Manager	✅	❌	-	✅	✅

Project Role Descriptions

Project Administrator: Full permissions within the project, including managing users and data layers.
Project Collaborator: Can view and work within the project, with an overview of other involved users.
Project Guest: Restricted access to project data without visibility of other users.
Specialized Managers:
- Layer Manager: Manages the specific data layers within the project.
- User Manager: Manages users with access to the project, along with their roles and permissions.

ℹ️

Manager roles at the project level are also cumulative: a user can hold both Layer Manager and User Manager roles for the same project, if needed.

⚠️

Prevalence Rule: Permissions defined at the portal level override those set at the project level. For example, a User Manager at the portal level can manage users across all projects within that portal.

These roles and capabilities allow flexibility in managing access and permissions, ensuring precise control over resource use within RIM-Nat. For more details on user roles and permissions at each level, consult the dedicated documentation.

Last updated on 15 November 2024, 14:03 by Loïc Roybon

Obtain Capabilities