OX Permission Level: Difference between revisions
From Open-Xchange
(94 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
{{VersionTo|7.4.1}} | |||
''Note: This represents the state of OX6 and AppSuite until v7.4.1. For the newer implementation, see [[AppSuite: Permission Level]].'' | |||
= OX Permission Level Matrix= | |||
OX HE/SE/App Suite allows to provide different permission levels to the users. | |||
== | The levels start with pure webmail-only functionality and end with the full featured groupware product including all connectors and are described in the first table. | ||
* '''Webmail''' contains pure webmail functionality including a private addressbook | |||
* '''PIM''' (Private Information Management) adds private calendar and private tasks, no group or sharing permissions are available | |||
* '''PIM + Mobility''' adds mobile synchronisation to the PIM level | |||
* '''PIM + InfoStore''' adds private InfoStore functionality to the PIM level | |||
* '''Groupware Standard''' includes all group and sharing permissions as well as the InfoStore | |||
* '''Groupware Premium''' adds all external connectors and mobile synchronisation to Groupware Standard | |||
In addition to this levels, OX HE/SE/App Suite contains several functions, which can flexible be used with every level. This functions are described in the second table. | |||
== How to read the Matrix == | |||
{| | {| | ||
|- | |- | ||
! | ! !! Definition | ||
|- | |||
| '''Mandatory''' || This column defines the options, which must not be changed for this level. '''This is a technical requirement and necessary for the correct functioning of OX HE/SE/App Suite''' | |||
|- | |||
| '''Default''' || This column lists the options, which are activated per default for this level | |||
|- | |- | ||
| [ | | '''API Parameter''' || Related parameter in the RMI, SOAP and CLT API - described in the [http://software.open-xchange.com/OX6/doc/OX6-Provisioning.pdf Provisioning Documentation] | ||
|- | |- | ||
| | | || | ||
|- | |- | ||
| | | '''and/or''' || Minimum one of this options need to be activated in this level | ||
|- | |- | ||
|style="background-color:#C0C0C0" | || Fields in this color define the most important differentiator to the next lower level | |||
|} | |} | ||
== | == Matrix - Permission Levels == | ||
This table describes the mandatory parameters for the different permission levels. | |||
{| | {| | ||
|- | |- | ||
! OX Base Levels !! Functionality !! | ! OX Base Levels !! Functionality !! Mandatory (technical requirement) !! Default !! Requirements / Description !! !! API Parameter | ||
|- | |||
| rowspan="2" | '''Webmail''' | |||
Webmail only | |||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || webmail | |||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || contacts | |||
|- | |||
| || || || || || || | |||
|- | |||
| rowspan="5" | '''PIM'''<br>Private use only<br>No sharing, no group functions. | |||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || rowspan="3" | The absence of other features defines this level || || webmail | |||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || contacts | |||
|- | |||
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || calendar | |||
|- | |||
|Global Addressbook || || [[File:Cross_gray.gif]] || || || globaladdressbookdisabled | |||
|- | |||
|Tasks || || [[File:check.gif]] || || || tasks | |||
|- | |||
| || || || || || || | |||
|- | |||
| rowspan="9" | '''PIM + Mobility'''<br>Private use only<br>No sharing, no group functions<br>Enabled for mobile synchronization | |||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || webmail | |||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || contacts | |||
|- | |||
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || calendar | |||
|- | |||
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || usm | |||
|- | |- | ||
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="2" | This defines the level<br>At least one of these needs to be set<br>Typically "Active Sync"|| || activesync | |||
|style="background-color:# | |||
|- | |- | ||
|style="background-color:# | |style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || || syncml (deprecated) | ||
|- | |||
|Global Addressbook || || [[File:Cross_gray.gif]] || || || globaladdressbookdisabled | |||
|- | |||
|Tasks || || [[File:check.gif]] || || || tasks | |||
|- | |- | ||
| || || || || || | | || || || || || | ||
|- | |- | ||
| rowspan=" | | rowspan="6" | '''PIM + InfoStore''' <br>Private use only<br>No sharing, no group functions<br>Enabled for document storage. | ||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || | |style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || webmail | ||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || contacts | |||
|- | |||
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || calendar | |||
|- | |||
|style="background-color:#C0C0C0" | InfoStore ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || This combined with the absence of other switches defines the level <br> || || infostore | |||
|- | |||
|Global Addressbook || || [[File:Cross_gray.gif]] || || || globaladdressbookdisabled | |||
|- | |||
|Tasks || || [[File:check.gif]] || || || tasks | |||
|- | |||
| || || || || || || | |||
|- | |||
| rowspan="9" | '''Groupware Standard'''<br>Full Groupware functionality<br>Access restricted to Web GUI | |||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || webmail | |||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || contacts | |||
|- | |||
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || calendar | |||
|- | |||
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || tasks | |||
|- | |||
|style="background-color:#C0C0C0" | Shared Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="3" | This defines the level<br>All need to be set together || || readcreatesharedfolders | |||
|- | |||
|style="background-color:#C0C0C0" | Public Folders ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || || editpublicfolders | |||
|- | |||
|style="background-color:#C0C0C0" | Task Delegation ||style="background-color:#C0C0C0" | [[File:check.gif]] ||style="background-color:#C0C0C0" | [[File:check.gif]] || || delegatetask | |||
|- | |||
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || globaladdressbookdisabled | |||
|- | |||
|InfoStore || || [[File:check.gif]] || || || infostore | |||
|- | |||
| || || || || || || | |||
|- | |||
| rowspan="16" | '''Groupware Premium'''<br>Full Groupware functionality<br>All external clients enabled (Mobility, Outlook, Mac) | |||
|style="background-color:#F0F0F0" | Email ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || webmail | |||
|- | |||
|style="background-color:#F0F0F0" | Contacts ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || contacts | |||
|- | |||
|style="background-color:#F0F0F0" | Calendar ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || calendar | |||
|- | |||
|style="background-color:#F0F0F0" | Tasks ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || tasks | |||
|- | |||
|style="background-color:#F0F0F0" | Shared Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || readcreatesharedfolders | |||
|- | |||
|style="background-color:#F0F0F0" | Public Folders ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || editpublicfolders | |||
|- | |||
|style="background-color:#F0F0F0" | Task Delegation ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || delegatetask | |||
|- | |||
|style="background-color:#F0F0F0" | Global Addressbook ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || globaladdressbookdisabled | |||
|- | |||
|style="background-color:#F0F0F0" | USM ||style="background-color:#F0F0F0" | [[File:check.gif]] ||style="background-color:#F0F0F0" | [[File:check.gif]] || || || usm | |||
|- | |||
|style="background-color:#C0C0C0" | OLOX2 ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || rowspan="4" | This defines the level<br>At least one of these needs to be set.<br>Typically OLOX2 and Active Sync || || olox20 | |||
|- | |||
|style="background-color:#C0C0C0" | OLOX (Legacy) ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || || webdavxml (deprecated) | |||
|- | |||
|style="background-color:#C0C0C0" | Active Sync ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || || activesync | |||
|- | |||
|style="background-color:#C0C0C0" | SyncML ||style="background-color:#C0C0C0" | and/or ||style="background-color:#C0C0C0" | [[File:check.gif]] || || syncml (deprecated) | |||
|- | |||
|InfoStore || || [[File:check.gif]] || || || infostore | |||
|- | |||
|iCal Access || || [[File:check.gif]] || || || ical (deprecated) | |||
|- | |||
|vCard Access || || [[File:check.gif]] || || || vcard (deprecated) | |||
|- | |- | ||
|} | |} | ||
<br> | |||
<br> | |||
== Additional Flexible Functions == | |||
The following functions can be added flexible to each permission level. | |||
{| | |||
|- | |||
! Additional Functions !! Default !! Requirements / Description !! !! API Parameter | |||
|- | |||
| rowspan="2" | '''Minimum Webmail''' | |||
|Collect Emailaddresses || Email addresses typed into sent/reveived emails can be saved automatically in a dedicated folder || || collectemailaddresses | |||
|- | |||
|Edit Password || If a plugin to change the own password is installed on the system, it will be displayed in the settings area || || editpassword | |||
|- | |||
| || || || || | |||
|- | |||
| rowspan="3" | '''Minimum PIM''' | |||
|Multiple Mailaccounts || The user can use external IMAP/POP3 Mailaccounts within the OX WebGUI. Starting with 6.20 this can be configured per email service || || multiplemailaccounts | |||
|- | |||
|Subscriptions || The user can subscribe to external/social datasources, like LinkedIN (removed since 7.10.0), XING, Facebook, Gmail, .... Starting with 6.20 this can be configured per subscription service || || subscriptions | |||
|- | |||
|Publications || The user can publish his own data (contacts/documents) for other users in the internet || || publication | |||
|- | |||
| || || || || | |||
|- | |||
| '''Minimum PIM + InfoStore''' | |||
|WebDAV || Allows WebDAV access to InfoStore documents; Requires InfoStore || || webdav | |||
|- | |||
| || || || || | |||
|- | |||
| rowspan="2" | '''Minimum GW Standard''' | |||
|Manage Resources || The user is allowed to create and manage resources for the whole company || || editresource | |||
|- | |||
|Manage Groups || The user is allowed to create and manage groups for the whole company || || editgroup | |||
|- | |||
| || || || || | |||
|- | |||
| rowspan="2" | '''Minimum GW Premium''' | |||
|vCard || The user can download all his contacts via the vCard interface || || vcard (deprecated) | |||
|- | |||
|iCal || The user can download all his contacts via the iCal interface || || ical (deprecated) | |||
|- | |||
|} |
Latest revision as of 08:19, 8 February 2018
This information is valid until 7.4.1 (included)
Note: This represents the state of OX6 and AppSuite until v7.4.1. For the newer implementation, see AppSuite: Permission Level.
OX Permission Level Matrix
OX HE/SE/App Suite allows to provide different permission levels to the users.
The levels start with pure webmail-only functionality and end with the full featured groupware product including all connectors and are described in the first table.
- Webmail contains pure webmail functionality including a private addressbook
- PIM (Private Information Management) adds private calendar and private tasks, no group or sharing permissions are available
- PIM + Mobility adds mobile synchronisation to the PIM level
- PIM + InfoStore adds private InfoStore functionality to the PIM level
- Groupware Standard includes all group and sharing permissions as well as the InfoStore
- Groupware Premium adds all external connectors and mobile synchronisation to Groupware Standard
In addition to this levels, OX HE/SE/App Suite contains several functions, which can flexible be used with every level. This functions are described in the second table.
How to read the Matrix
Definition | |
---|---|
Mandatory | This column defines the options, which must not be changed for this level. This is a technical requirement and necessary for the correct functioning of OX HE/SE/App Suite |
Default | This column lists the options, which are activated per default for this level |
API Parameter | Related parameter in the RMI, SOAP and CLT API - described in the Provisioning Documentation |
and/or | Minimum one of this options need to be activated in this level |
Fields in this color define the most important differentiator to the next lower level |
Matrix - Permission Levels
This table describes the mandatory parameters for the different permission levels.
Additional Flexible Functions
The following functions can be added flexible to each permission level.
Additional Functions | Default | Requirements / Description | API Parameter | |
---|---|---|---|---|
Minimum Webmail | Collect Emailaddresses | Email addresses typed into sent/reveived emails can be saved automatically in a dedicated folder | collectemailaddresses | |
Edit Password | If a plugin to change the own password is installed on the system, it will be displayed in the settings area | editpassword | ||
Minimum PIM | Multiple Mailaccounts | The user can use external IMAP/POP3 Mailaccounts within the OX WebGUI. Starting with 6.20 this can be configured per email service | multiplemailaccounts | |
Subscriptions | The user can subscribe to external/social datasources, like LinkedIN (removed since 7.10.0), XING, Facebook, Gmail, .... Starting with 6.20 this can be configured per subscription service | subscriptions | ||
Publications | The user can publish his own data (contacts/documents) for other users in the internet | publication | ||
Minimum PIM + InfoStore | WebDAV | Allows WebDAV access to InfoStore documents; Requires InfoStore | webdav | |
Minimum GW Standard | Manage Resources | The user is allowed to create and manage resources for the whole company | editresource | |
Manage Groups | The user is allowed to create and manage groups for the whole company | editgroup | ||
Minimum GW Premium | vCard | The user can download all his contacts via the vCard interface | vcard (deprecated) | |
iCal | The user can download all his contacts via the iCal interface | ical (deprecated) |