Use cases for permission management

Below you will find some examples of use cases in which the konfipay permission concept is used to implement special access rights or restrictions. The additive combination of functional permissions and content restrictions means that practically any special case can be mapped.

Example

User permissions in the permission matrix

User should have full functional permissions, but not be able to see salary payments.

Implementation:

User group Vollzugriff
Own user group No SALA that has no functional permissions and restricts payment type "SALA"

→ Functional permissions and content restrictions are additive, i.e. the user receives the permissions from the group Full access and the restrictions from the group No SALA

User should be able to work in the client, but not be able to view all data for the bank account DE89 3704 0044 0532 0130 00.

Implementation:

User group Anwender
Own user group No DE89 that has no functional permissions and restricts access to the account

→ Functional permissions and content restrictions are additive, i.e. the user receives the permissions from the group Users and the restrictions from the group No DE89

User should receive full function permissions, but only be able to see data on the bank account DE89 3704 0044 0532 0130 00.

Implementation:

User group Vollzugriff
Own user group DE89 only that has no functional permissions and only allows access to the account

→ Functional permissions and content restrictions are additive, i.e. the user receives the permissions from the group Full access and the restrictions from the group DE89 only