OX Permission Level

From Open-Xchange

OX Permission Level Matrix

OX HE/SE allows to provide different permission levels to the users.

The levels start with pure webmail-only functionality and end with the full featured groupware product including all connectors and are described in the first table.

  • Webmail contains pure webmail functionality including a private addressbook
  • PIM (Private Information Management) adds private calendar and private tasks, no group or sharing capabilities are available
  • PIM + Mobility adds mobile synchronisation to the PIM level
  • PIM + InfoStore adds private InfoStore functionality to the PIM level
  • Groupware Standard includes all group and sharing capabilities as well as the InfoStore
  • Groupware Premium adds all external connectors and mobile synchronisation to Groupware Standard

In addition to this levels, OX HE/SE contains several functions, which can flexible be used with every level. This functions are described in the second table.


How to read the Matrix

Definition
Mandatory This column defines the options, which must not be changed for this level
Default This column lists the options, which are activated per default for this level
API Parameter Related parameter in the RMI, SOAP and CLT API - described in the Provisioning Documentation
   
and/or Minimum one of this options need to be activated in this level
  Fields in this color define the most important differentiator to the next lower level



Matrix - Permission Levels

This table describes the mandatory parameters for the different permission levels.

OX Base Levels    Functionality   Default Requirements / Description   API Parameter
Webmail

Webmail only

Email Mandatory.png Check.gif     webmail
Contacts Mandatory.png Check.gif     contacts
             
PIM
Private use only
No sharing, no group functions.
Email Mandatory.png Check.gif The absence of other features defines this level   webmail
Contacts Mandatory.png Check.gif   contacts
Calendar Mandatory.png Check.gif   calendar
Global Addressbook Optional.png     globaladdressbookdisabled
Tasks Optional.png Check.gif     tasks
             
PIM + Mobility
Private use only
No sharing, no group functions
Enabled for mobile synchronization
Email Mandatory.png Check.gif     webmail
Contacts Mandatory.png Check.gif     contacts
Calendar Mandatory.png Check.gif     calendar
USM Mandatory.png Check.gif Technical Requirement   usm
Active Sync Optional.png Check.gif This defines the level
At least one of these needs to be set
Typically "Active Sync"
  activesync
Mobile App Optional.png Check.gif   tbd
SyncML Optional.png Check.gif   syncml
Global Addressbook Optional.png     globaladdressbookdisabled
Tasks Optional.png Check.gif     tasks
           
PIM + InfoStore
Private use only
No sharing, no group functions
Enabled for document storage.
Email Mandatory.png Check.gif     webmail
Contacts Mandatory.png Check.gif     contacts
Calendar Mandatory.png Check.gif     calendar
InfoStore Mandatory.png Check.gif This combined with the absence of other switches defines the level
  infostore
Global Addressbook Optional.png     globaladdressbookdisabled
Tasks Optional.png Check.gif     tasks
             
Groupware Standard
Full Groupware functionality
Access restricted to Web GUI
Email Mandatory.png Check.gif     webmail
Contacts Mandatory.png Check.gif     contacts
Calendar Mandatory.png Check.gif     calendar
Tasks Mandatory.png Check.gif     tasks
Shared Folders Mandatory.png Check.gif This defines the level
All need to be set together
  readcreatesharedfolders
Public Folders Mandatory.png Check.gif   editpublicfolders
Task Delegation Mandatory.png Check.gif   delegatetask
Global Addressbook Optional.png     globaladdressbookdisabled
InfoStore Optional.png Check.gif     infostore
             
Groupware Premium
Full Groupware functionality
All external clients enabled (Mobility, Outlook, Mac)
Email Mandatory.png Check.gif     webmail
Contacts Mandatory.png Check.gif     contacts
Calendar Mandatory.png Check.gif     calendar
Tasks Mandatory.png Check.gif     tasks
Shared Folders Mandatory.png Check.gif Technical Requirement   readcreatesharedfolders
Public Folders Mandatory.png Check.gif Technical Requirement   editpublicfolders
Task Delegation Mandatory.png Check.gif     delegatetask
Global Addressbook Mandatory.png Check.gif Technical Requirement   globaladdressbookdisabled
USM Mandatory.png Check.gif Technical Requirement   usm
OLOX2 Optional.png Check.gif This defines the level
At least one of these needs to be set.
Typically OLOX2 and Active Sync
  olox20
Active Sync Optional.png Check.gif   activesync
Mobile App Optional.png Check.gif   tbd
SyncML Optional.png Check.gif   syncml
InfoStore Optional.png Check.gif     infostore



Additional Flexible Functions

The following functions can be added flexible to each permission level.

Additional Functions   Default Requirements / Description   API Parameter
Minimum Webmail Collect Emailaddresses Email addresses typed into sent/reveived emails can be saved automatically in a dedicated folder   collectemailaddresses
Edit Password If a plugin to change the own password is installed on the system, it will be displayed in the settings area   editpassword
         
Minimum PIM Multiple Mailaccounts The user can use external IMAP/POP3 Mailaccounts within the OX WebGUI. Starting with 6.20 this can be configured per email service   multiplemailaccounts
Subscriptions The user can subscribe to external/social datasources, like LinkedIN, XING, Facebook, Gmail, .... Starting with 6.20 this can be configured per subscription service   subscriptions
Publications The user can publish his own data (contacts/documents) for other users in the internet   publication
         
Minimum PIM + InfoStore WebDAV Allows WebDAV access to InfoStore documents; Requires InfoStore   webdav
         
Minimum GW Standard Manage Resources The user is allowed to create and manage resources for the whole company   editresource
Manage Groups The user is allowed to create and manage groups for the whole company   editgroup
         
Minimum GW Premium vCard The user is allowed to create and manage resources for the whole company   vcard
iCal The user can download all his contacts via the iCal interface   ical