KB Meister controls access to its categories (the structural hierarchy, aka branches), records (aka knowledge objects), and record notes (notes attached to a record) by selectively granting rights to view, edit, and delete them.
| || ||Custom |
|SecLev || |
| ||Users ||Y ||Y || |
| ||Categories ||Y ||Y || |
| ||Records ||Y ||Y || |
| ||Record Notes ||N ||Y || |
Such rights are granted on the basis of multiple custom group access and a SecLev (security level), all assigned independently to users, categories, records, and record notes as shown at right.
Custom access group designations are provided to address the needs of a group to view, edit, and delete categories and records made available within a knowledge base only to members of that group. KB Meister supports the use of any number of custom access groups within an account, including none.
A user's SecLev designates a collection of rights that user has within KB Meister typically reflecting the level of trust the account holders have in that user. Each user has one SecLev. A detailed explanation of SecLev may be found by clicking that term anywhere on a KB Meister form.
A category, record, and record note each have a SecLev granting viewing rights to users with a matching SecLev or higher. A user's ability to edit or delete after viewing is not determined by the SecLev of a category, record, or record note, but rather by the SecLev or custom access group membership of the user.
The flowchart below and the notes and examples below that clarify the interplay of custom access groups and the SecLev of users, categories, records, and record notes.
Access rights are evaluated in the order presented in the flowchart. A user who fails the test in #1 to view a category may not view records in that category even if the user has rights to view those records. Since notes are attached to records, a user must have access to view a record before that user can view or edit a note regardless of the note's SecLev.
Note that SysAdmin users (regular and billing) are unrestricted by custom access groups. Their decision node regarding all custom access groups always evaluates to "Y".
Access to change other aspects of KB Meister, such as users and other preferences under the Admin menu button are outside the scope of this explanation. Such access rights are based exclusively on the user's SecLev.