Assign permissions to a user
Objective
Define the access level (NONE, READ, WRITE, ADMIN, ALL) that a user will have on each submodule of the system.
Before starting
- Have
USERS: WRITE. - Know the active submodules and the available levels.
- Have clear the scope of the user's role.
Step by step
- Enter the Users and permissions module.
- Locate the user.
- In the row, click the Permissions icon (lock).
- The permissions dialog opens with the list of submodules.
- For each submodule, select the access level:
NONE: no access.READ: read only.WRITE: read and write.ADMIN: read, write and administration.ALL: total access (use with caution).
- Confirm with Save.
Expected result
- The dialog closes.
- The user's permissions are updated.
- The system shows a success message.
- If the user is connected, the change can apply in their current session (via socket). If not, it will apply in the next session.
Pending: add screenshot of
usuarios-permisos-01-dialogo.png.
Common errors
| Situation | What to do |
|---|---|
| The Permissions icon does not appear | The user does not have USERS: WRITE. |
| The change is not reflected immediately | Ask the user to reload the page or close and open the session. |
| The user does not see modules in the sidebar | Verify that they have READ (or higher) in each module they need to see. |
Suggested permissions
USERS: WRITE.
Operational recommendations
- Apply the principle of least privilege: only the strictly necessary permissions.
- Document the relevant permission changes (for example, when a user is promoted from reception to coordination).
- Periodically review users with
ADMINorALLlevel to avoid accumulation of privileges.
Relation with other modules
- Modules and Submodules: permissions are assigned on the active submodules.
- Special actions: some additional capabilities (such as
SHOW_LOGS) are validated independently of the access level per submodule. - Audit log: permission changes are recorded.