|You are here: Globodox Security > Roles >Learn about Roles|
Roles let you group privileges and assign them to multiple users. This reusability makes managing security simpler. Roles also help in scenarios where an employee has been transferred or has left the organization. Simply assigning a new employee to the earlier employee’s role ensures that much of the information accessible to the earlier employee immediately becomes accessible to the new employee.
A user can be assigned to multiple roles but must be assigned to at least one role.
To decide if a user is allowed to perform a particular action, Globodox checks if a privilege corresponding to that action has been granted to the user. However Privileges are not directly granted to users. Privileges are granted to Roles and users assigned to those Roles inherit the privileges from the Roles.
By default the following built-in roles are available...
SuperAdmin: This is the most powerful role in Globodox and cannot be deleted. The SuperAdmin role is provided with all privileges by default. In addition the Superadmin is also automatically allowed all permissions for all Globodox DBs, document types, tags and documents that are created by any user.
Admin: Users in this role can perform admin tasks such as creating, modifying or deleting stack types, document types etc.
Writer (Owned &Shared Items): Users in this role can view, add, modify or delete items which are owned by them and items that have been assigned to them. By default this role is assigned to a newly created user.
Writer (All Items): Users in this role can view, add, modify or delete all items except for items that they have been restricted from viewing.
Reader (All Items): Users in this role can view all items except for items that they have been restricted from viewing.
Reader (Owned & shared Items): Users in this role can only view items which are owned by them and items that have been assigned to them.