Appearance
Permissions
Permissions, policies and roles are configured in AireIdentity.
Resource Restrictions
Resource restrictions are used to restrict access to specific resources based on the user's roles. They are defined by using the policy feature in AireIdentity.
Example: Subject Custom Field Values
Given you have a custom field called firstName within the group personal-details and the subject subject1.
You can define the following statements:
Field/*- This targets all fields for all subjects.Field/firstName- This targets the fieldfirstNamefor all subjects.FieldGroup/*- This targets all field groups for all subjects.FieldGroup/personal-details- This targets the grouppersonal-detailsfor all subjects.Subject/*- This targets all fields for all subjects.Subject/subject1- This targets all the fields for the subjectsubject1.Subject/subject1/Field/firstName- This targets the fieldfirstNamefor the subjectsubject1.Subject/subject1/FieldGroup/personal-details- This targets the grouppersonal-detailsfor the subjectsubject1.
Example: Form Creation
Given you have a form with key my-form within the classification test-forms.
You can define the following statements:
Form/*- This targets all formsForm/my-form- This targets the formmy-formfor all subjects.Classification/*- This targets all form classifications.Classification/test-forms- This targets all the forms for the classificationtest-forms
Portal Users
Portal users do not use roles configured in AireIdentity. Instead, they have a defined set of permissions managed by the application. This means all portal users have the same permissions, which allows them to do everything the need within the portal, and nothing more.
The one caveat to note is that resource restrictions for external systems such as AireFlow and AireForms do not apply to portal users. For AireFlow tasks, portal users can only transition tasks from 'New' to 'InProgress' and edit any Forms related to the task.
Portal users cannot add forms outside of form tasks.