User and Group Management
PrimeAgile manages person, users and groups independently. A person may or may not have a user account. A user may or may not be a person. A user may be a member of more than one group for more than one client.
Clients represent entities or groups using PrimeAgile. Clients are managed independent of any website, aplication or service. An instance of PrimeAgile can be migrated from one client to another client and can have access granted to more than one client.
Members of groups with privileges for that client can make modifications areas granted privileges by that client.
Members of groups with privileges for a client can manage any primeagile services that client has access to based on privleges within that client.
As of version 3.2 groups can be assigned privileges for service actions, and can be assigned to specific clients. Additionally a group may be assigned a permission set inheriting all of the permissions for a permission set. This makes it much easier to create client specific groups.
A Permission set is a group of permissions which can be applied to a specific group.
If for example a new administrative group is added for a particular client, rather than selecting the several hundred of service actions that we want to grant to that new administrative group, we can just assign that group the administrative permission set and the new group will inherit all of the privileges of the administrative permission set. Additional permissions can be added individually by service action, or by adding additional permission sets to the new group.
When a service is initialized or updated on a server for the first time permissions sets configured for that service are automatically updated with new or updated permissions.
Users are accounts on the system, that have permissions via groups to do things on the system. It may be a person, it may be a scheduled task, it may be separate PrimeAgile system, or any other third party application.
When added to one or more groups the user receives all of the privileges of that group and currently access to the same clients as that group.
In future versions Users would be granted privileges to a group for particular clients so that the same groups can be used without creating new groups for each client.
In other words group and client priveleges combined determine access within a client.
Persons are completely different than users.
A person may or may not have an account on any system. How persons are managed depends on the implementation details for each client. For more information see the Persons or Profiles Building Block. This building block can be used to manage any kind of profiles as part of an e-commerce tool, social networking application, sales tool or many other types of applications.
Confirmed persons can be confirmed via a phone number or e-mail address.