Overview
Authentication & Roles
Under the Admin tab “Accounts administration” the relationships between users, organizations, and projects within the SDM platform.
.png)
The management and access to these resources depend on the roles and permissions granted within an organization.
The core entities involved are Organizations, Users, and Projects.
- Organization: Represents a company or group that manages several projects. Organizations also have a set of reference bases and connectors.
- User: Represents individuals who have access to an organization’s resources and can manage projects based on their role.
- Project: centralizes individual sets of steps (workflows). Each project is linked to one organisation. (more info about projects here.)
- Admin Scopes: These are specific admin configurations that define user roles and access rights across different organizations.
Configuration
Organizations
The Organization Page is where users can view and manage details related to the organization they belong to. Here are the main components:
-
Is Active: Displays whether the organization is currently active, which provides us with the means to remove access to the interface for an organization, if set to
false.
- Akeneo Customer ID: A unique Akeneo company identifier (UUID) assigned to the organization.
- FTP Allowed: Indicates whether FTP access is enabled for the organization. FTP is used when a client needs an automated integration like ETL (Extract, Transform, Load).
- Users: List of users within the organization.
- Projects: List of all projects associated with the organization.
- Reference Bases: Information will be provided during match history reviews.
- Connectors: Information will be provided during connector reviews. -LINK-
As of today, SDM mainly creates organisations per user account. Meaning that it is not possible to have a view with multiple organisations.
Users
The Users Page provides detailed information about individual users within the organization.
- Organization: the organization the user belongs to. Important: a user can currently only belong to a single organization. This will probably change in the future.
- Permissions - Is organization admin flag: This flag marks the user as an admin for his/her organization, giving access to the Organisation admin section in the frontend app.
-
Permissions - Admin role: Permissions control what users can do within an organization. There are four predefined roles:
- superuser: Full CRUD (create/read/update/delete) access.
- support: CRU without D.
- staff: R - Can only read data.
-
---: No admin access.
Admin Scopes Page
Admin scopes define which organizations and users a specific administrator can manage. It is particularly useful for clients managing several organizations. By configuring scopes, each admin can have precise control over specific organizations without interfering with others.
- Scope: A scope belongs to a partner organization.
- Connection: One or more organizations and users are connected to an admin scope.
Interface
Organisation menu
New user can be created and added from the front-end with admin or user access levels
User Settings
Interface languages are set from the front end (only French and English), email notifications as well.
Limitations & Recommendations
- Role Restrictions: The existing permission system does not have enough flexibility to cover scenarios such as the ability to grant access to only a select few projects or jobs to specific users within the same organization.
- Known bug: setting the option “ftp allowed” to True in the User page will cause an HTTP 500 if the organization does not also have the option set to True.