Those permissions are automatically created at the first launch of the tenant, they are designed to manage access to HyperPortal`s features. You can set those permissions only for CRM groups in the group editor. You can learn more about groups here. Go to CRM -> Groups, choose a required group then you can add or delete permissions in the 'Permissions' form. Group`s permissions are extended to its users.
Those permissions are -
'Bulk edit' - enables the editing of multiple items at a time.
'Export' - unlocks the possibility to export data.
'Forms' - gives access to the HyperForms
'HyperBI ' - gives access to the HyperBI
'Mail templates' - gives access to the email templates configuration
'Integration ' - gives access to internal data from outside
'Workflows' - gives access to the workflows module
'Process cancellation' - gives access to the process cancelation.
'Custom data ' and 'Portal' - these features enable access to all common HyperPortal features. If it`s disabled the users in the group won`t be able to use the service.
'Portal administrator' - gives the administrative rights to users in the group. This means that the users will be able to and edit any permissions on the portal. Groups with this permission can also create new entities and modify existing ones.
Data permissions can be given to groups and individuals. They can be edited in the entity editor, you can learn more about it here. There are three separate types of permissions - view, create and delete. They can be set separately. For example - certain groups or individuals could only view items but not edit or delete them because they only have a 'view' permission.
You can also edit permissions for each separate property.
Individual permissions can be given at the bottom of the permission tab. Keep in mind that you can give individual permission only to users that are in the 'Contact' entity items. You can learn more about adding new users here.
You can set permissions for processes and tasks. Those permissions are divided into view, delete and execute permissions.
Those groups and individuals that have view permissions will be able to open and view processes, those with execute permissions can start new processes, and users with delete permissions can remove processes. Users that have 'execute' and 'view' permissions will be able to start the process from the workflows dashboard.
You can also edit permissions for each separate task. Individuals and groups will be able to view and execute only those tasks that they have permission for. Users with 'execute' and 'view' permissions for manual tasks will be able to see those tasks on the workflows dashboard.
We know that permissions come from three different sources(feature permissions (Admin rights), data permissions, and individual permissions). If the user was given permission to only view the item by one source but to view and edit it by the other source, then the permission with higher elevation will work only. Let`s look at the example - James Smith is in a HyperPortal users group
He wants to create a new 'XDMS order' entity item, but the group that he is in doesn`t have permission to add a new item. James Smith will still be able to add an item because he has individual permission set for him in the 'XDMS order' entity.