Introduction
Administration, control, and access of various entities in a Portal play a key role in application management with respect to an organization. The level of granularity with which the functions, settings, rules, and procedures can be defined eases the process of streamlining how an organization uses the system. This can only be achieved by varying role definitions of each user to equip them with different levels of authoritative and contributive options within the Portal.
Concept
User Roles determine the access level and permissions of a person authorized to use VIDIZMO. In a default VIDIZMO installation, there are certain predefined roles assigned to users with a default set of permissions. We will be looking at these roles and their permissions in more depth below:
Roles and Permissions
In VIDIZMO Digital Evidence Management System, roles define the permissions which control access to various features within the Digital Evidence Management system. Each portal user is assigned a certain role based on their required access control. Below is a list of pre-configured roles along with their set of permissions
Note: VIDIZMO also allows its valuable customers to customize these roles with designed set of permissions. Please contact VIDIZMO Support Team for more information.
Permission Reference
The following table provides the default permissions for the pre-configured roles in VIDIZMO DEM. This table has been populated with an assumption that your Portal's Security policy for Media Access has been set to All Account and Portal Viewers. This entails that the all registered users have the right to view media uploaded in the Portal.
Note: The permissions discussed in the table below, are applicable if the portal's Security Policy is set to Decide when Publishing. This means that access permissions on every media shall be the sole determinant of who can view this media. Also, there are certain media-related permissions such as Sharing, Downloading and Commenting that when enabled on a Group, will only be applicable on a media file if the same permissions are enabled on that media's publish settings.
| Permissions | System Administrator | Manager | Moderator | Contributor | Viewer | Anonymous |
|---|---|---|---|---|---|---|
| Login Access | ||||||
| Login to the Portal | Allowed | Allowed | Allowed | Allowed | Allowed | Not Allowed |
| Search Access | ||||||
| User Search | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Group Search | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Evidence Search | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed If Access |
| Case Search | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed If Access |
| Metadata Search (Evidence/Case) | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed If Access |
| Search within Closed Captions | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed If Access |
| Search using Face | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed If Access |
| Case Management | ||||||
| Creating a Case | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Adding existing Evidence to a Case | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Uploading Evidence files within a Case | Not Allowed | Allowed | Allowed | Allowed | Not Allowed | Not Allowed |
| Modifying Case Settings | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Modifying Case Custom Attributes | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Deleting Case | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Adding Case to Quick Access section | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Not Allowed |
| Sharing Case (If Case Sharing Enabled) | Not Allowed | Allowed | Allowed | Allowed | Allowed If access | Allowed If Access |
| Grant Access Rights (via Limited Share) | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Viewing Chain of Custody of a Case | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Downloading Chain of Custody of a Case | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Unpublishing Case | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Copying link of Case | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Flagging a Case | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Moving Case from one Folder to another | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Case Inspection | ||||||
| Inspecting Case | Not Allowed | Allowed | Allowed | Allowed | Allowed If access | Allowed If Access |
| Evidence Management | ||||||
| Uploading Evidence | Not Allowed | Allowed | Allowed | Allowed | Not Allowed | Not Allowed |
| Modifying Evidence Basic Details (Title, tags, closed captions file) | Not Allowed | Allowed | Allowed | Allowed (Only on Self - Uploaded) | Not Allowed | Not Allowed |
| Modifying Evidence Access Rights Policy | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Modifying Evidence Publishing Rules | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Modifying Evidence Custom Attributes | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Grant Access Rights (via Limited Share) | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Deleting Evidence | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Moderating Evidence | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Evidence Tamper Detection (If App Enabled) | Not Allowed | Allowed | Allowed | Only on Self-Uploaded | Not Allowed | Not Allowed |
| Viewing Evidence Chain of Custody | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Downloading Evidence Chain of Custody | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Evidence Downloading (if Allow Downloading is checked in Publish Settings) | Not Allowed | Allowed | Allowed | Configurable | Configurable | Configurable |
| Evidence Sharing (if Allow Sharing is checked in Publish Settings) | Not Allowed | Allowed | Allowed | Configurable | Configurable | Configurable |
| Unpublishing an Evidence | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Moving Evidence to other Folder | Not Allowed | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed |
| Add Evidence to Quick Access section | Not Allowed | Allowed | Allowed | Allowed | Not Allowed | Not Allowed |
| Add Notes (if Allow Notes is checked in Publish Settings) | Not Allowed | Allowed | Allowed | Configurable | Not Allowed | Not Allowed |
| Evidence Re-upload | Not Allowed | Allowed | Allowed | Only on Self-Uploaded | Not Allowed | Not Allowed |
| Adding Annotations | Not Allowed | Allowed | Allowed | Configurable | Configurable | Not Allowed |
| Viewing Annotations | Not Allowed | Allowed | Allowed | Configurable | Configurable | Allowed If Access |
| Evidence can be Assigned to | Not Allowed | Allowed | Allowed | Allowed | Allowed | Allowed only if External Sharing has been enabled in Portal |
| Evidence Redaction | Not Allowed | Allowed | Allowed | Configurable | Configurable | Not Allowed |
| Evidence Mosaic | Not Allowed | Allowed | Allowed | Configurable | Configurable | Not Allowed |
| Evidence Inspection | ||||||
| Inspecting Evidence (Can be Controlled with Access Settings) | Not Allowed | Allowed | Allowed | Allowed | Allowed If Access | Allowed (If Evidence Access Granted) |
| User & Groups Management | ||||||
| View and Edit Account Information | Allowed | Allowed | Only their own | Only their own | Not Allowed | Not Allowed |
| Invite Users | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Edit User Profile | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Edit User Role | Except their own | Except their own | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Delete User | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Disable User | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Reset User Password | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Create Group of Users | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Add/Remove Users in a Group | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Add/Remove Groups in a Group | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Edit Group Permissions | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Delete Group | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Create permissions for Groups | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Admin Access | ||||||
| Configure Security Settings | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Edit Portal Settings | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Users and Groups Administration | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Configuring Storage Providers | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Configuring Encoding Provider | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Setup Wizard | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Configure E-mail Templates and SMTP Protocols | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Configure Locations | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| Log Access Level | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
| View and Export Audit Log | Allowed | Allowed | Not Allowed | Not Allowed | Not Allowed | Not Allowed |
Note: In the table above, configurable permissions can be controlled using Group Permissions. To learn more about it, see: Understanding User Groups to Manage Access Rights and Permissions.