Understand what a permission role consists of
Understand what a permission role consists of
Within each role, permissions are broken down into Entity, Field, App, and Advanced permissions.
Entity permissions
Entity permissions control if users can:
- See entities.
- Create entities.
- Delete entities.
- Edit entities.
For example, perhaps an Artist will be able to see Assets, but only Managers will be able to create or delete them.
Field permissions
Field permissions control if users can:
- See fields.
- Edit fields.
Each entity has its own set of fields. An example of a field control would be a budget field on a task. Artists can be restricted from seeing the field altogether. Managers can be allowed to see but not Edit the field. Admins can see and edit the field. This way cost information is only shared on a need-to-know basis but can still be stored in Flow Production Tracking.
App permissions
App permissions control if users can:
- Access an app or not.
Advanced permissions
Advanced permissions control if users have access to specific functionality across Flow Production Tracking, such as:
- Seeing all Projects
- Editing the project navigation menu
- Creating and saving project pages
Permission roles are designed to be optimized for user-type. People with similar roles will ideally be a part of the same permission roles. Maintaining permission roles can be complicated, so it is generally advised not to have too many roles on a site, and to avoid creating per project or per department roles.
The default roles also come with some conditional rules to further restrict access. An example of a conditional rule is that the Vendor permission role can only see a task if they are assigned to it.