Effects of specific Container membership

Owned by Anders Kastberg
Last updated: 14 Dec 2018 by René Pape
2 min read
  • All users that are members of a Top level agency has access to all Containers within that agency's Country, with the rights given by the assigned role in user management.
  • In a reconciliation context, the rules of file disclosure and agency-induced global rights applies, not the specific container role from the Containers of participating files. The rules of file disclosure can be found here: Linking and Reconciliation (Flow & lingo).  The general rule is that if the two files are from the same agency, no file disclosure is needed.

  • Losing your global rights on activating a file from a Container 
    When you start the system, you can see your current role in the status bar at the bottom of the screen (available from version 5.1.0.3) :

    You will always be able to track your current role in the status bar. 

    Once you activate a file from a container where your rights are different from your agency-based global rights, the rights of the current active file kick in globally. In this example an Administrator users rights are reduced to be Read Only: 

    The user can return to the "normal" state by clicking   
     

    Assigning container roles to users

    You should not give a user access to administrative operations through a role in a container that she doesn't already have. Potentially this could be taken advantage of while the file is active.
    E.g. If the user globally has a Read Only role through the agency and she is given Admin rights in a specific Container, then while a file from that particular container is active, she has all the rights of an Administrator in the system and can mess with stuff she's not supposed to mess with.