You can set roles and permissions for individual models in your data model. Open the data model (A) menu and select a model (B) from the list of models. The details for the model selected are opened on the Properties (C) tab. Click on the Permissions (D) and click on the Jump to Roles & Permissions (E) button.
The details of the Roles and permission for all the individual models in the data model are displayed. In the example, the line for permissions for the Actor model is indicated in the overall model list displayed.
The Admin (F) role is currently selected from the list of roles and the details for that role in relation to the Actor model are shown based on the different columns (G) Create, Read, Update, Delete, Export - in the table view displayed.
Adding a new role
You can add a new role by clicking on the Add (A) button. The Create new role (B) dialog is displayed. Enter a name for the role (C) and press the Create role (D) button. The role is now shown in the list of available Roles (E). You can edit the permissions associated with the role for the individual models based on the requirements for your application.
Note: You can also duplicate an existing role. See Managing Roles - Renaming, Duplicating or Deleting roles for details. You need to assign a new name to the role. You can then edit the permissions that are also duplicated to those required for the newly created role.
Editing existing permissions
Once you have selected a role, you can edit the permissions for each of the models. You can expand the menu for each permission, and change as required. Ensure that the role you want to customize is selected (A). You can click on the pull-down menu to display the options (B) available for each of the permissions (Create, Read, Update, Delete, Export). You can select the required option based on the individual permissions for each model. You can choose to apply that a user with the Admin role has the following permissions with regard to creating records (Create):
Managing roles - Renaming, Duplicating, or Deleting roles
You can create new roles as described in Adding a new role. You can also use the additional options available at Role (...) level (A). When you open the menu, you can:
What permissions are available
The following explains the various permissions that you can assign:
Insert data associated with/defined by the model.
Select or use data associated with/defined by the model.
Edit data associated with/defined by the model.
Delete data associated with/defined by the model.
Export data associated with/defined by the model.
Users with multiple roles assigned
When a user is assigned to two separate roles, for example, admin and employee. The higher role will always apply in terms of role order (admin), however, if the lower of the two roles (employee) isn't allowed to create something, the user as a whole will not be able to create this at all.
role A can read model X
role B cannot read model X.
if a user has role A and role B, then this user cannot read model X.
Make sure to keep an eye on the use of double roles when they also have different permission settings.