Introduction
This article aims to describe and guide the organisation of the roles of SYSTRAN apps' users inside an organisation. We will start by describing role and permissions then take an example of the roles inside an organisation.
Pre-requisites
1. Minimum SPNS 9.5 preinstalled
2. To understand/ edit/ create the roles you will need access to Administration > Users ( Ask you System-Admin to provide you with an access)
1 Roles and permissions
The roles define not only the responsibilities of an users but also access to the features of the SYSTRAN application. The permissions on the other hand give the access to the objects and translation resources such as profiles, TM & UDs etc
1.1 Roles
Below are the descriptions of the default roles in hierarchical order :
Super : The Super User is a specific user who has all the privileges and is considered the most superior user of the tool. By default the Super role has nothing checked, but has all the user rights allocated. This role cannot be edited or deleted.
Admin : The Admin user is the Application administrator, who also has a superior role but has less privileges than the Super user. The admin can manage the licenses, system settings, user resources/ glossaries, translation profiles and also monitor the application usage and status of the application.
Resource Manager : The resource manager is the user, in charge of linguistic resource management and enhancement. The Resource manager role holder will have visibility to the complete list of user glossaries and translation profiles.
IAM Manager : This role is to manage user, groups & roles, which was introduced in SPNS 9.5, there are optional features around Identity and Access Management for more granularity in groups and user permissions, enabling group level restricted sharing and administration. This is not a role by default, but creation of role is highly recommended for easing the user management. The IAM manager role will not allow to perform basic translations until default user role is also assigned.
P.S. This is an extra feature available with licence level 4 please check with your account manager for further details.
This role relies on the permissions IAM101-Manage Peer Group Users and IAM010-List Peer Group Users to restrict access to users management. If an user has theses permissions, he can see and edit users of his groups, and also create new users, but only within groups he belongs to or he has created. He will not see all the other users of the server, unless the permission IAM991-Manage All Users is checked.
Default user : This is the role for the end user, with right to perform translation jobs only, such as text, file and web translation.
Anonymous user : Anonymous user is the non-signed user. By default this user has no rights. Do not remove this user as it is required for (other) users to log in.
1.2 Permissions
Permissions are granted over an object, which is different than roles and is not a feature. In SYSTRAN permissions play vital roles when granting access to another user to use a language pair or it's resources. Users having role of resource manager will be able to see the profiles but won't be able to edit them, until the permission is granted to them to edit a particular profile. The permission on the resources allows the users to access the shared resource such as user and normalisation dictionary, translation memory etc. There are 3 types of permissions that can be assigned on User level or Group level under Resources tab in SPNS.
The permissions are the following :
- Read : Access to a shared resource in read-only mode
- Write : Access to a shared resource in read and write mode
- All : Complete access to a resource including deletion
2. Example Case
To explain the organisation of the roles we will take the example of a Corporate Organisation.
Hierarchical tree of a Corporate organisation :
Role example:
SYSTRAN App role organisation for the above enterprise : (The above hierarchy is not maintained in the application)
Distinguish between roles and permission and their possibilities in Systran
Below is an example of differences between roles and permissions. For example : In the above company each Asian Translator has all permissions to their own UD and TMs in Asian languages, so does the French and Spanish translators for resources in their language. However, they have no transversal visibility or access, even though they are all having roles as resource manager and Feedback managers. On the other hand the SYSTRAN Product Owner holding the Administrator role has visibility to all the resources' list but cannot read or modify them.