Permissions (Admin Guide)

Permissions are granular controls that define specific actions users or roles can perform within the InnoSynth-Forjinn platform. As an administrator, understanding and managing permissions is crucial for maintaining security, data integrity, and proper access control.

What are Permissions?

A permission is a specific authorization to perform an action (e.g., "create chatflow," "delete credential," "view logs") or access a resource (e.g., "access admin settings"). Permissions are typically grouped into Roles, and these roles are then assigned to Users.

Granularity of Permissions

InnoSynth-Forjinn's permission system is designed to be granular, meaning you can control access at a very detailed level. Examples of permissions include:

• Chatflow Management:
  • chatflow:create: Ability to create new chatflows.
  • chatflow:view: Ability to view chatflows.
  • chatflow:edit: Ability to modify existing chatflows.
  • chatflow:delete: Ability to delete chatflows.
  • chatflow:deploy: Ability to deploy/activate chatflows.
  • chatflow:execute: Ability to run chatflows.
• Credential Management:
  • credential:create: Ability to add new credentials.
  • credential:view: Ability to view existing credentials.
  • credential:edit: Ability to modify existing credentials.
  • credential:delete: Ability to delete credentials.
• Agent Management:
  • agent:create: Ability to create new agents.
  • agent:view: Ability to view agents.
  • agent:edit: Ability to modify agents.
  • agent:delete: Ability to delete agents.
• Tool Management:
  • tool:view: Ability to view available tools.
  • tool:use: Ability to use tools in chatflows/agents.
• User & Role Management (Admin-specific):
  • user:manage: Ability to create, edit, and delete users.
  • role:manage: Ability to create, edit, and delete roles and their permissions.
• Platform Settings:
  • settings:view: Ability to view platform settings.
  • settings:edit: Ability to modify platform settings.
• Logs & Monitoring:
  • logs:view: Ability to view system and execution logs.

How Permissions are Applied

When a user attempts an action, InnoSynth-Forjinn checks if the user's assigned roles collectively grant the necessary permission for that action. If any of the user's roles have the required permission, the action is allowed.

Best Practices for Permission Management

• Principle of Least Privilege: Always grant users only the minimum permissions required to perform their job functions. Avoid giving excessive permissions, especially "Admin" access, unless absolutely necessary.
• Use Roles Effectively: Leverage roles to manage permissions efficiently. Instead of assigning permissions directly to users, define roles with specific permission sets and assign users to those roles.
• Regular Review: Periodically review user roles and permissions to ensure they are still appropriate and align with current responsibilities.
• Audit Logs: Utilize platform audit logs (if available) to track who performed what actions, which can help in security audits and troubleshooting.

By carefully configuring permissions, you can create a secure and well-controlled environment within InnoSynth-Forjinn, protecting sensitive data and preventing unauthorized actions.