Setting up authorization

Users are granted membership to one or more groups, groups in turn are granted one or more roles. Administrators can allow and deny actions on the system and for individual objects by assigning permissions to roles, and granting and revoking roles for appropriate groups of users. Administrators can also create restriction filters to limit the table data that a user or group can view.