
Permissions

System design

The SnapBill permission system uses longest-prefix matching on top of the URL structure that we use in SnapBill.

By default, all new users simply have the / permission enabled, which gives them access to everything. If you choose to DENY /client (access to a single client), it will also block the ability to add a client (/client/add). A rule set such as DENY /; ALLOW /client/add will block the user from doing anything except adding new clients.

Whether we allow or deny a given address to one of your users depends on the action of the longest matching rule that you have defined.

Allowing /client/* will allow anything under /client excluding /client itself. See the examples section for use cases of this.

URL prefix examples

There are thousands of potential permissions throughout SnapBill, so unfortunately we can't list them all here. If you're looking for a single one, please feel free to contact support and we'll try to help you out.

/billing: Access to the billing area
/clients: View simple listings and search all clients on the account
/client: View details about a specific client
/client/*: All the "/client" links below, but not including "/client" itself
/client/add: Add a new client to the account
/client/change_state: Change the state of an existing client
/client/payment_method: Change the payment method of an existing client
/client/remove: Remove a client from the account
/client/update: Update general details of a client
/editor: Access to the invoice editor
/email/add: Add (send) a new email to a client
/email: View an email that has been sent previously
/import/add: Upload a new import to SnapBill
/imports: Access to the imports area
/import: Access to a single import
/report/clients: Access to a specific report (the 'Clients' report)
/report: Access to the reporting section
/setup: Access to the setup area
/statistics/growth: Access to a specific statistics page
/statistics: Access to the statistics area

Example permission setups

Allow access to search and view clients, but not to do anything else with them

DENY  /
ALLOW /clients
ALLOW /client
DENY  /client/*

Allow access to the system as usual, but don't allow anything in the setup or statistics area

ALLOW /
DENY  /setup
DENY  /statistics

Allow only access to the 'Stacked Income' statistics report

DENY  /
ALLOW /statistics
DENY  /statistics/*
ALLOW /statistics/stacked_income
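
The longest-prefix evaluation described under "System design", as an added sketch that is not SnapBill's own code, useful for checking what a rule set actually permits before assigning it to a user. It assumes matching is done per path segment (so /client does not cover /clients), that /x/* ranks just above /x and below /x/y, and that a URL matching no rule is denied; the function and constant names are hypothetical, and the two constants are the page's example setups written with ';' separators.

```python
# Added example, not SnapBill code. Assumptions: matching is per path
# segment, "/x/*" ranks just above "/x", and no matching rule means deny.

VIEW_ONLY = "DENY /; ALLOW /clients; ALLOW /client; DENY /client/*"
ONE_REPORT = ("DENY /; ALLOW /statistics; DENY /statistics/*; "
              "ALLOW /statistics/stacked_income")

def _segments(path):
    return [s for s in path.split("/") if s]

def parse_rules(text):
    """Parse 'ALLOW /x' or 'DENY /x' rules separated by ';' or newlines."""
    rules = []
    for line in text.replace(";", "\n").splitlines():
        if not line.strip():
            continue
        action, prefix = line.split()
        if action not in ("ALLOW", "DENY"):
            raise ValueError(f"unknown action: {action!r}")
        segs = _segments(prefix)
        wildcard = bool(segs) and segs[-1] == "*"
        if wildcard:
            segs = segs[:-1]
        rules.append((segs, wildcard, action == "ALLOW"))
    return rules

def is_allowed(rules, url_path):
    """Return True if the longest rule matching url_path is an ALLOW."""
    path = _segments(url_path)
    best_key, allowed = None, False  # fail closed when nothing matches
    for segs, wildcard, allow in rules:
        if path[:len(segs)] != segs:
            continue  # rule is not a prefix of this path
        if wildcard and len(path) == len(segs):
            continue  # "/client/*" excludes "/client" itself
        key = (len(segs), wildcard)  # longer prefix wins; "/*" beats bare
        if best_key is None or key > best_key:
            best_key, allowed = key, allow
    return allowed

if __name__ == "__main__":
    rules = parse_rules(VIEW_ONLY)
    for p in ("/clients", "/client", "/client/remove", "/billing"):
        print(p, "ALLOW" if is_allowed(rules, p) else "DENY")
```
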
developers/general/permissions.txt · Last modified: 2014/10/18 07:04 by Jaco van Wyk