Documentation

More about security and permissions

iBase Trinity has a flexible and highly configurable security model, which can be tailored to your specific requirements. The following information is based on the roles and permissions which are set up on the standard Trinity “Off The Shelf” or OTS system, however considerably more sophisticated security models can be accommodated if required.

Please contact the iBase support desk for assistance with any aspects of security, roles and permissions.

Item visibility and user access permissions

Item visibility

An item (digital asset / database record) can be set with an Access Level of ‘Private’ or ‘Public’.

  • Private means it can only be found and seen by registered and logged in users who have the necessary permission to view it.
  • Public means that it can be found and seen by any user, including users who are not registered and logged in.

User access permissions

A user’s permissions are determined by whether they are registered and logged in, and also by any additional roles assigned to them by a system manager.

System managers

System Managers are able to view all items, carry out all operations, and make configuration changes.

Users who aren’t logged in

Users who aren’t logged in are able to

  • Access and view any item where the access level has been set to ‘Public’.
  • Use all search and browse functions.

Registered and logged in users

Registered and logged in users are able to

  • Access and view any items where the access level has been set to ‘Public’
  • Use all search and browse functions.
  • Select items, view them as a group and save them as Selections or Sets.
  • Retrieve and load personal and shared saved Selections and Sets.
  • Email a comment or enquiry about any item they can access.
  • Email a link to any item they can see or email thumbnails of a selection.
  • Print any item they can see, using a selection of pre-defined print templates.
  • Order or purchase items, depending on item and system configuration.

Additional permissions for registered and logged in users

As standard Trinity has the following roles available for assignment to registered users as required.

  • System Manager
  • Can Upload new items
  • Can View Private items
  • Can Edit (Private items only unless a system manager)
  • Can Download
  • Can Delete

Any combination of roles can be assigned to a user.

Note 1: These roles are all optional, a user can be registered without any roles being assigned.

Note 2: The system manager role includes all other roles automatically, and so there is no need for them to be checked as well.