...
How Does it Work?
The primary method for authorisation authorization (what a user can do) is now based on the users' Roles. Roles are defined as admin, org_admin, reporter, and user by default. Each role has a set of permissions (Create, Read, Update, Delete) for each endpoint. Standard roles ( as shipped should cover 99.9% of use-cases. The ability to define additional roles and edit existing roles is enabled in Open-AudIT Enterprise.
...
To add a new user to Open-AudIT you have to provide the details of that person, assign the organization, select the relevant Roles (multiple roles can be selected), select if the user is active or not, etc. In addition, you must grant permission to that user to access one or more organisationsorganizations. It is important to notice that selecting a parent organization will automatically provide access to its children.
...