Setting Up Permissions for the Address Book
For the Personal Address Book or shared address book, set the following permissions in the organization, user, or role level
- Permission
The permissions in the address book vary by security model.
The default setting is set to "REVOKE (All users have access except users on list)". This allows all users to use the Address Book.
For information on user rights, see User Rights and Prioritized Access Permissions.
Setting Permissions
The example shows how to set access permissions when the security model is "GRANT (Only users on list have access)".
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Address Book.
-
Click Permission settings.
-
On the "Permissions Settings" screen, confirm that "GRANT (select target allowed)" has been selected in the security model.
If the "REVOKE (select target for restriction)" option is selected, change to "GRANT (select target)".
For details, refer to Changing the Security Model. -
Click Add.
-
On the "Add Permissions" screen, select the organization, user, or role to set permissions, and then click Add.
To select a role, switch the view to the "Roles" tab.
When you switch tabs after clicking Add, the selected organizations, users, or roles are cleared before you switch. -
Under "User rights", select the address book you want to use, and click Add.
The following choices are displayed
- Cannot be used.
- Shared Address Book only
- Personal Address Book only
Combination of Permissions
If you limit the actions of the Address Book using permissions, the Personal Address Book and the shared address Book are displayed on the Address Book screen of the logged-in user.
User screens that can use both Personal Address Books and Shared Address Books:
User screens that cannot use both Personal Address Books and Shared Address Books:
If the security model is "GRANT (Only users on the list have access)"
This section describes a security model of permission for Daisuke Kato as a "GRANT (selecting a target)" example.
- Example of Allowing Daisuke Kato to Perform Actions on Both Personal Address Books and Shared Address Books:
Grant Daisuke Kato all permissions. - Example of Allowing Daisuke Kato to Perform Actions on Personal Address Books:
Grant Daisuke Kato permission only for the personal Address Book. - Example of Allowing Daisuke Kato to Perform Actions on Shared Address Books:
Grant Daisuke Kato permission only for shared address books. - Example of Prohibiting Daisuke Kato to Perform all Operations:
You can delete Daisuke Kato from the user rights list.
If the security model is "REVOKE (All users have access except users on the list)"
The security model of permissions for Daisuke Kato is described as an example of "REVOKE (selecting a restricted target)".
- Example of Prohibiting Daisuke Kato to Perform Actions on Both Personal Address Books and Shared Address Books:
Grant the disabled permission to Daisuke Kato. - Example of Prohibiting Daisuke Kato to Perform Actions on Personal Address Books:
Grant Daisuke Kato permission only for shared address books. - Example of Prohibiting Daisuke Kato to Perform Actions on Shared Address Books:
Grant Daisuke Kato permission only for the personal Address Book. - Example of Allowing Daisuke Kato to Perform all Operations:
You can delete Daisuke Kato from the user rights list.
Deleting Permissions
You can delete the permissions for users and organizations in the Address Book.
If you delete permissions, actions that users can perform changes as follows depending on the security model:
- If the security model is "GRANT (Only users on list have access)":
Users who were deleted the permissions or users who belonged to the organizations or roles that lost permissions no longer be able to work with items they previously could. - If the security model is "REVOKE (All users have access except users on list)":
Users who were deleted the permissions or users who belonged to the organizations or roles that lost permissions can now work with items they prohibited to use.
Selecting and Deleting Permissions
You can select permissions and delete them.
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Address Book.
-
Click User Permissions.
-
On the "Permissions Settings" screen, select the checkboxes for the permissions you want to delete, and then click Delete.
-
Click Yes on the "Delete all Permissions" screen.
Deleting All Permissions
You can delete all permissions.
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Address Book.
-
Click User Permissions.
-
On the "User Permissions" screen, click Delete all.
-
Click Yes on the "Delete all permissions" screen.