Roles
Overview
MetaDefender Vault has several predefined roles - also referred to as User Type:
Administrator, Read-Only Administrator, IT-Helpdesk, Auditor, Global Supervisor and User
During installation, the first user is created as an Administrator. Any local user created afterwards needs to be defined during its creation.
Roles and Permissions
Administrator: has access and can perform any configuration required to the system, and to any file in the system. Administrator can release files (but cannot approve it unless also a supervisor), download and preview other users’ files.
Read-Only Administrator: has access to any configuration, but can not perform any changes. This role has no visibility to Processing History but cannot download/preview users' files.
Helpdesk Administrator: can administrate users (add/remove/edit), and perform administrative tasks in the system. This role has access to their own files only.
Auditor: An auditor role has access to any file the system processes and thus has access to Processing History, Outbreak prevention, Audit, Recycle Bin and Archive.
Global Supervisor: Supervisor role is a regular user role, without the ability to delegate supervisors. Sees all files in pending approval state and when a Global Supervisor approves a file, it becomes instantly available, no further steps/stages will be required.
| Admin | Read Only Administrator | IT Helpdesk | Auditor | User | Global Supervisor | |
|---|---|---|---|---|---|---|
| Processing History | Full | Filename and tag | N/A | Full [1] | N/A | N/A |
| Users | Full | View | Create / Remove / Edit | Self created External / Guest | Self created External / Guest | Self created External / Guest |
| Supervisor | Full | View | Process Setup | N/A | When Supervisor | Full [5] |
| Outbreak Prevention | Full | View | Full | Full [2] | N/A | N/A |
| Trusted Network | Full | View | Full | N/A | N/A | N/A |
| Notifications | Full | View | Full | N/A | N/A | N/A |
| Audit | Full | View | Full | Full [2] | N/A | N/A |
| Recycle Bin / Archive | Full | View | Own files | Full [3] | Own files | Own files |
| Settings | Full | View | Full [4] | N/A | N/A | N/A |
[1] Full - But without Revoke/Approve/Delete/Permanently Delete [2] Full - But without Settings [3] Full - But without Restore/Delete/Permanently Delete [4] Full - But without API keys [5] Full - Withtout the ability to delegate other supervisors