What are Permissions?

There are three levels of permissions that Coghead allows Administrators to customize:

• Account level - Permissions which allows Users to set the permissions of other users and gives default access to groups for all Applications in the multi-user account.
• Application level – Permissions which allow Users to set the access of specific Applications. Application level permissions for a specific Application overwrite Account level permissions granting access to all Applications.
• Collection level – Permissions which allow Users to set the access of Collections within an Application. Collection level permissions overwrite Application level permissions. For example, A Collection level permission preventing the access of the Resources Collection in the Basic Project Manager Application overwrites access provided at the Application level that allows a User to see all Collections in the Basic Project Manager Application.

Admins can customize Account level permissions from the Permissions tab in the Account Management Page. Account level permissions are split into three types of access that admins can give to groups.

• Account Administration – This setting allows access to all Admin Console functionality such as creating groups, inviting users, setting permissions and customizing billing plans.
• Account Author – This setting allows access to creating, editing, exporting, importing and deleting Applications within an account and allows Author Mode to be turned on in an Application.
• Account User – This setting allows Users to launch Applications. Users can create, edit and delete records within a Collection.

By default, these rolls are split into two groups Admins and Users. The default group Admins allows administrator access to all users within the group, this group can set user permissions and add users to an account. The admins group also covers the Author roll and grants authoring permission to all users within the group. The group Users provides use permissions to all Users within the group. Permissions for Groups can be modified and new groups can be created to provide a combination of rolls to all Users within that Group.

All Users in an Account must be part of the Users group to stay in the Account. This means by default all invited users have access to use all of the Applications in the account. You can change this by setting Application level permissions .

Setting Account Level Permissions

To set Account level permissions you must be on the Permissions tab of the Account Mangement Page. On the Permissions tab you will see two permissions tables. The top table allows Administrators to set Authoring permissions to Groups and the bottom table allows Administrators to set User permissions to Groups. The account level Author and Use permissions can be broken down into five separate permissions.

• Create – Allows Authors to create new Applications or Users to create new records.
• Read – Allows Authors to copy and export an Application or Users to launch an Application.
• Update – Allows Authors to modify an Application's Collections, Views, Actions and Application level permissions or Users to edit records.
• Delete – Allows Authors to delete existing Applications or Users to delete existing records.
• Admin - Allows Admins to set permissions for Authoring or Using the account.

You can set custom permission levels to Groups through the following steps:

1. Mouse over the columns of each permissions and select each group that you would like to give access to.
   
   

Congratulations! You have now set the Groups that have access to the permission level. By assigning different Create, Read, Update, Delete, and Admin permissions to Authors and Users, you can create unique settings for each Group in your account.

As soon as you create a custom permission for Authoring Applications at the account level Create, Update, Read, Delete and Admin are all affected. So if you set custom Create authoring permissions but leave Update, Read, Delete and Admin blank no group in the account will be have permission to Update, Read, Delete or Administer at the account level for Authoring Application. You will need to set each one of these permissions if you customize one of them. The same is true when changing a single permission with account level Using Applications permissions.