Administering Roles
Role-based access control (RBAC) is deeply embedded in the Rochade core and provides a powerful tool for administering user access to Rochade data. Its technical nature and complexity, however, can be overwhelming at times. The role administration features in the Web applications, therefore, focus on the functions that correlate directly to the work you can perform in the applications.
These are the main elements of role-based access:
- Permissions enable users to perform certain tasks on items.
- RACI templates describe which permissions are required to fulfill one of these key responsibilities for a specific item type:
| – | Responsible |
| – | Accountable |
| – | Consulted |
| – | Informed |
- Role templates define on which RACI templates a role is based.
- Stewardship responsibilities assign users the responsibility to perform certain tasks on items by assigning them the corresponding roles (based on the role templates).
- Governed contexts are items for which you can assign stewardship
responsibilities. The responsibilities apply to the context itself and to any items
in that context (those items are referred to as governed items).
The role administration features in the Web applications focus on role templates, stewardship responsibilities, and governed contexts.
The Web applications ships with these standard role templates:
| Role Template | Description |
|---|---|
|
Author |
Creates and edits governed items, submits them for approval, and receives notifications about item changes. |
|
Business Data Steward |
Approves changes to governed items and receives notifications about item changes. |
|
Context Administrator |
Assigns stewardship and workflows for governed contexts (for example, glossaries and governed contexts). |
|
Enterprise Data Steward |
Assigns stewardship and workflows for governed contexts, can take part in approval processes, and receives notifications about item changes. |
| PI Controller | Controls the GDPR items and participates in their approval processes. |
| PI Protection Officer | Controls the GDPR items and participates in their approval processes. |
|
Reader |
Accesses governed items for information purposes in read-only mode. |
|
Stakeholder |
Accesses governed items for information purposes and receives notifications about item changes. |
|
Technical Data Steward |
Approves changes to governed items and receives notifications about item changes. |
The role templates enable you to assign users responsibilities for the governed items.