raven/devdocs/specs/core-roles.txt

# Roles specifications

From case https://rockfish.ayanova.com/default.htm#!/rfcaseEdit/1809

RAVEN will replace security rights system of v7 with a role based system instead
I'm using an int flags enum which means a maximum of 32 possible roles unless I bump it up to a long but don't really want to as this number will be thrown around the api a lot



TODO: Fill this out as I code.

**DELETE RIGHTS***
If you can modify an object you can delete an object


**OWNER LIMITED ROLES**
Limited roles in some cases can create an object but can only edit or delete objects they created

## ROLES

### None
No rights, not settable, just for internal usage in code

### BizAdminLimited
Intended for a business administrator / supervisor who wants to monitor the business, kpi, reporting etc, but doesn't actually get to change anything.
Suitable for the "big boss" who isn't trusted to make actual day to day decisions but can review anything.

**RIGHTS**
- Read only access to everything (except OPS stuff)
- Full access to management reporting, KPI etc, but can't change them substantially, just sort, filter etc.


### BizAdminFull

Basically the v7 manager account stuff with full rights to everything other than OpsAdmin stuff.

**RIGHTS**
- Full access to all AyaNova objects with the sole exception of OPS related stuff
- Grants roles to other users
- Licensing
- Business related configuration settings
- All management and KPI stuff

### DispatchLimited

### DispatchFull

### InventoryLimited

### InventoryFull

### Accounting

### TechLimited

### TechFull

### SubContractorLimited

### SubContractorFull

### ClientLimited

### ClientFull

### OpsAdminLimited

### OpsAdminFull
backup, troubleshoot, dashboard of throughput, db administration, all the stuff needed to keep RAVEN up and running and monitor any issues in operations of it, nothing to do with business stuff or actual business data