Roles and Rights

Modified on Fri, 18 Nov 2022 at 02:54 PM

Depending on the role-specific needs of users, role-based user rights are usually assigned in a well-considered way. The following table helps to understand the correlations between roles and rights as designed by Labforward.

Note: According to best practice, rights are not assigned to users directly, but to roles; and these roles are then assigned to users. The User role is to be understood as the rights configuration one has got whenever none of the other roles apply, e.g. when content is being shared to a user (hence aka Sharee).

context	ROLE				RIGHT
context	Admin	Sub-Admin	Owner	User	RIGHT
Group	+	–	–	–	change Group deleting rights
	+	–	–	–	give Group admin rights
	+	–	–	–	remove Group admin rights
	+	+	–	–	create Subgroup and invite users
	+	+	–	–	give Subgroup admin(s) rights
	+	+	–	–	remove Subgroup admin rights
	+	+	–	–	delete Subgroup (NOT if containing Subgroups or team members)
	+	+	+	+	leave Subgroup
	+	+	+	+	leave a Group
	+	–	–	–	delete a Group
Project	+	+	+	+	create Project
	+	+	+	–	delete Project (even if it has entries: only if Group deleting rights are set)
	+	+	+	–	change Project ownership
	+	+	+	–	change Project sharing rights (automatically shared with users having rights for that Folder or Group)
	+	+	+	–	hide or unhide Projects and Folders
	+	+	+	–	view Project details
Folder	+	+	+	+	create Folder
	+	+	+	–	delete Folder (even if it contains a Project; only if Group deleting rights are set)
	+	+	+	–	change Folder ownership
	+	+	+	–	change Folder sharing rights (automatically shared with users having rights for that Folder or Group)
	+	+	+	–	view Folder details