User rights and roles
User rights in Flightmap
User rights in Flightmap originate from two ways: general permissions and entity (project, portfolio, market etc.) permissions. Every user has a set of general permissions, which are a result of the user role of the user. For example, a portfolio manager has the permission to create portfolios, a market analyst has the permission create markets and a general manager has the permission to read all data. It is also possible that a user role (e.g. a team member) has only the permission to logon into Flightmap, but doesn't have to permission to see data. Users assigned to this role need to get their user rights via entity permissions, which is explained below.
A user that creates an entity (e.g. project or portfolio) becomes an entity owner. Entity owners have the right to update the concerning entity, but also to distribute entity permissions (entity data page > access rights tab): specify readers and updaters for the entity. Via this, other users get permission (user rights) to read or update the concerning entitiy. All users with create rights for an entity type can receive entitity permisisons (e.g. "create project" to view or update additional projects). Users with the standard role "team member" can also be added as reader or updater of projects.
A special entity permission is the permission to read or update a portfolio: users that can read or update a portfolio, can also read or update the projects linked to the particular portfolio.
Note: entity (e.g. project or portfolio) permissions can only extend the user rights of a user. It is not possible to restrict (or withdraw) rights via entity permissions. For example, a user that has read permissions on all projects, granted from his role "general manager", will not be able to lose his read permission on a particual project via entity permissions.