
Data Access Scope

How remoteEaze limits which records a user can view or change.

What data access scope means

Permissions answer: "Can this role perform this action on this entity?"

Data access scope answers: "Which records are in bounds for this user?"

Both checks are required. A user can have permission for an action but still be blocked if the record is outside their scope.

Scope types

Scope         Meaning
SYSTEM        Global scope, used for system-level actors.
ORGANIZATION  Access to records across the tenant.
BRANCH        Access limited to allowed branches.
SELF          Access limited to records owned by the user.

How the backend enforces scope

The backend is the security boundary.

  • Tenant boundary is checked first.
  • For BRANCH, the allowed branches come from branchRestrict, falling back to branchId.
  • For SELF, ownership fields are matched against the current user.
  • Out-of-scope records are denied.

This applies to reads, updates, workflow actions, and exports. It is enforced by request guards and by scoped query filters.
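The check order above, written out as an added example (not remoteEaze's own code). The User and Customer shapes, the ownership fields ownerId and createdBy, and the assumption that SYSTEM is the only scope allowed to cross the tenant boundary are all assumptions made for the example; the sample records are constructed.

```typescript
type Scope = "SYSTEM" | "ORGANIZATION" | "BRANCH" | "SELF";

interface User {
  id: string;
  tenantId: string;
  scope: Scope;
  branchId?: string;         // fallback branch used when branchRestrict is empty
  branchRestrict?: string[]; // explicit allow-list of branches
}

interface Customer {
  id: string;
  tenantId: string;
  branchId: string;
  ownerId: string;
  createdBy: string;
}

// BRANCH scope: allowed branches come from branchRestrict, else the fallback branchId.
function allowedBranches(user: User): Set<string> {
  if (user.branchRestrict && user.branchRestrict.length > 0) {
    return new Set(user.branchRestrict);
  }
  return new Set(user.branchId ? [user.branchId] : []);
}

// Scope check for one record, in the order the page describes.
// Assumption: SYSTEM is the only scope that crosses the tenant boundary.
function inScope(user: User, rec: Customer): boolean {
  if (user.scope === "SYSTEM") return true;
  if (rec.tenantId !== user.tenantId) return false; // tenant boundary is checked first
  if (user.scope === "ORGANIZATION") return true;
  if (user.scope === "BRANCH") return allowedBranches(user).has(rec.branchId);
  // SELF: ownership fields (assumed ownerId / createdBy) matched against the user
  return rec.ownerId === user.id || rec.createdBy === user.id;
}

// Scoped query filter: the same rule applied to a result set before it leaves the backend,
// so an out-of-scope record never reaches the client, whatever the UI showed.
function visibleIds(user: User, rows: Customer[]): string[] {
  return rows.filter((r) => inScope(user, r)).map((r) => r.id);
}

// Constructed sample data (not from the product).
const CUSTOMERS: Customer[] = [
  { id: "c1", tenantId: "t1", branchId: "b1", ownerId: "u1", createdBy: "u1" },
  { id: "c2", tenantId: "t1", branchId: "b2", ownerId: "u2", createdBy: "u1" },
  { id: "c3", tenantId: "t1", branchId: "b3", ownerId: "u3", createdBy: "u3" },
  { id: "c4", tenantId: "t2", branchId: "b1", ownerId: "u1", createdBy: "u1" },
];
```

Note that c4 is denied to the SELF user even though they own it: the tenant check runs before the ownership match, which is the point of checking the tenant boundary first.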

How the frontend uses scope

The frontend uses the same permission model to shape the experience:

  • show or hide modules
  • show or hide tabs
  • show, hide, or disable actions

This improves usability but does not replace backend enforcement.

Practical examples

  • A branch-scoped user can read customer records in their allowed branches and is blocked outside those branches.
  • A self-scoped user can act on records they created or own, but not peer records.
  • A user can see a page entry in the UI and still be blocked on submit if the target record is out of scope.
