Role dependent / Role based
The security of each process is role based. Many specific area of this process can be secured in a way to allow access only to a certain groups of people.
Security in E-Flow Suite is defined as a group gathering at the highest level. These groups can contain both users and other groups. Groups are used to specify access to certain features and tasks in the E-Flow Server.
The groups are divided as follows in order to facilitate the organization of a security schema.
Roles define a class beyond various boundaries within an organization. For example, a Customer Service Representative, a Corporate Executive or a Network Administrator. There are various built-in roles that to be described later in this section.
These type of groups are generally created based on the hierarchy or physical division of employees of an organization. A user or employee typically belongs to only one department designated as that employee’s Principal Group. Users can belong to more than one department, but only one of them can be assigned principally.
Each user of the E-Flow Suite has a group that includes only themselves at the beginning. Other users can be added to the group if the user (or administrator) decides to assign later. In this way, the new user will also have the same access to tasks as the original user or can act as a proxy for that user.
All users can create a group, add and remove users and other groups, and use the group for security purposes. Processes regarding the User-defined groups can only be conducted by the user who is the creator of the group.
There are several built-in roles that have a particular role in E-Flow Server Security. They are explained below:
Those in this group can access all tasks, groups and security functions of the server. The members of this group should be limited and a special account should be created for them in order to manage the server.
Allows a user to access the E-Flow Designer app. Users in this group are allowed to edit and create processes to be stored on the server.
The users who are assigned with this role can add, remove or continue the users sharing the main group. In this way, management based on division is ensured.
Other Pre-Defined Groups:
Each group covers all users. Any user cannot be added or removed from this group.
This specific group only allows to a safe object or resource holder user for access. In many cases, the person will be the one who initiates an operation on Web Interface manually. Initiator group is used as predefined, that is valid for most security settings.
It allows subordinates of the owner of an object to access a resource. Subordinates are defined as the users where “Reports to Whom” section is set to the resource owner.
It gives an access to a resource owner on the condition of being the person specified in the definition “Reports to Whom”.
Access with Password
Each E-Flow Suite user has their own usernames and passwords.
A supervisor or system administrator has right to access to the account of the user who does not come to work on a particular day, in order to make their assignment invalid.