Bayanat has a simple permissions system with standard and additional permissions.
The user management dashboard allows administrators to add new users and to modify existing users' access to the system. Each user has a profile with fields to identify them and determine their level of access.
Name of the user as it appears to other users.
Email or Username that's used by the user to log into the system.
Can be used to create a new password for the user.
User group which the user belongs to. If the user is active and doesn't belong to any group, they will have a read-only access to the system.
This switch indicate that the user is active and can use their credentials to access the system. Turning off this switch disables the user's access to the system.
There are three additional permissions that can be added or removed to individual users.
Typically users can see other users' names in the system. This permission allows the administrator to disable this for certain users. This will replace the users' names with aliases based on the users' IDs in the system (e.g. user15). This can be useful when providing access to people outside the organization.
This permission allows the administrator to disable access to simple (list view) log of changes for items in Actors, Bulletins and Incidents tabs for certain users.
This permission allows the administrator to disable access to the full (detailed view with diff) log of changes for items in Actors, Bulletins and Incidents tabs for certain users.
Bayanat has four levels of access for active users.
Users that don't belong to any group have read only access. They can view items in Actors, Bulletins and Incidents tabs without being able to edit items. This level is useful for members of the organization who don't require edit permissions or outside users such as researchers or investigators.
Users in this group have read and conditional write permissions. They can use view items in Actors, Bulletins and Incidents tabs, and they can only edit items assigned to them. Additionally, they can review items assigned to them for peer review without actually editing these items.
Users in this group have the same access as Data Analysts. Additionally, they have read and write access to Labels, Sources, Event Types and Locations as well as bulk-update that allows them to help manage the system.
Users in this group have unrestricted access to all actions on the front end. They have read and write access on all items in all tabs. Additionally, they can view the Activity Monitor and manage the users of the system.