The Multi-Organization
Access Rights module is an extension of the Agile
e6 role concept. It allows an organization-oriented management and
control of access rights for documents or items, especially in the extended
enterprise. Multi-organization environments can be found in companies that need to manage several organizational units (departments, business units etc.). In a multi-organization environment, objects such as items and documents are managed/owned by organizational units. The members of an organizational unit (users) are explicitly granted access to the objects assigned to the organizational unit. However, objects of other organizational units may be used in special cases, too. |
|
In the Multi-Organization Access Rights module users are assigned to organizational units via job functions, a standard entity in the role concept. While every user can play different roles in one or more organizations, a mechanism is provided to activate a single organization in the current session. Based on the current active organization, the user's view on the whole data set is limited to a subset with data relevant for this organization. Certain objects are filtered out depending on the object structure and the view a user has on the organization. Objects are items, documents and folders. | |
The following
diagramm depicts how the main elements in the Multi-Organization Access
Rights module are connected to each other: |
|
Access Rights
|
|
The following diagram of a
more complex multi-organization environment depicts the visibility of
documents/items for different users: Since the HR
Manager stands at the top of the organizational structure, he/she is granted
access to all documents assigned to the organizational units respectively
their subordinate organizational units. |
|
|
|
The view on
the data set can vary due to a number of actions that may influence the
number of displayed records:
|