Role & Permission Model

AppNavi has an easy-to-use but comprehensive roles and permissions concept. There are three main stages in this process:

  • Tenant
  • Workspace
  • Content

Users are always at the tenant level. A user can thus be authorized to different subscriptions. The user object itself, however, always belongs to a tenant. Content such as routes, posts, etc. is always assigned to a workspace and can only be used within a subscription.

RoleDescription
Tenant OwnerA tenant owner has all the permissions to manage the whole tenant. For example, he can change tenant settings, create applications, workspaces and manage users. Moreover, the tenant owner has all the permissions of the underlying user roles.
OwnerA Workspace Owner has all the permissions to create users and manage content within the Workspace Users authorized for him. The owner does not have access to tenant settings or the right to manage applications.
ContributorThe contributor may create and edit content but may not make structural changes to the system. For example, the contributor can create, edit, or delete content such as a route or posts in different languages. However, he cannot add users or make changes to an application.
TranslatorA translator user cannot add applications or content, and cannot otherwise change content structures. A user in the Translator role only ever has access to the languages assigned to him and can thus translate content (e.g. routes, posts, etc.) in his area of responsibility.
Extended
Contributor
An extended contributor role is similar to contributor role and has access to create and manage content and also has access to the application in read only view and can make changes in design but may not make any structural changes to the application.