- All users that are members of a Top level agency has access to all Containers within that Country, with the rights given in user management.
- In a reconciliation context, the rules of file disclosure applies, not the Container role. The rules of file disclosure can be found here: Linking and Reconciliation (Flow & lingo).
Losing you're global rights on activating a file from a Container
When you start the system, you can see your current role in the statusbar at the bottom of the screen (available from version 5.1.0.3) :
You will always be able to track you're current role in the statusbar.
Once you activate a file from a container where you're rights are different from your global rights, these rights kick in globally. In this example an Administrator users rights are reduced to be Read Only:
The user can return to the "global" state by clicking on
Warning title Assigning container roles to users You should not give a user access to administrative operations through a role in a container that she doesn't already have. Potentially this could be taken advantage of while the file is active.
E.g. If the user globally has a ReadOnly Read Only role and she is given Adm rights in a specific Container, then while a file from that particular container is active, she has all the rights of an Administrator in the system and can mess with stuff she's not supposed to.
...