Role-Based Access for C4 Diagram Sets
Use this guide to align C4 Diagram Set permissions with the standard Nodinite role model.
- Keep architecture governance consistent with existing Roles and permission sets
- Control who can access assigned C4 Diagram Sets
- Control who can use grouped-log dynamic diagram features
- Keep assignment and permission handling consistent with the Manage Role workflow
Permission model for C4 Diagram Sets
The C4 permission set uses the same role-based model as other repository features. Rights are evaluated through assigned Roles.
| Permission | Scope | Recommendation |
|---|---|---|
| Access | Global and per assigned C4 Diagram Set | Grant to architecture consumers and maintainers |
| Logging | Global | Grant only to users who need grouped-log dynamic diagram capabilities |

Example of the role-based permissions view for C4 Diagram Sets, including Access and Logging controls.
Assignment workflow in Manage Role
Administrators assign C4 Diagram Sets from the C4 Set Permissions (x) tab in the Role editor:
- The tab count x shows how many C4 Diagram Sets are assigned to the Role.
- The Edit flow lets administrators add or remove assigned sets.
- Access is evaluated for assigned sets, while Logging is evaluated at global scope.
Logging behavior
Logging permission controls whether users can access grouped-log dynamic diagram capabilities linked to C4 Diagram Sets. Keep this permission limited to Roles that need these log-driven diagram actions.
Default role assignment on new sets
From Nodinite 7.6.0 and later, new Diagram Sets can inherit default roles through DefaultRolesInViews. This helps administrators apply a baseline access model when sets are created.
Use this together with the C4 Diagram Set permission set to avoid manual post-creation access fixes.
Next Steps
- Permission Set for C4 Diagram Sets
- Add or manage C4 Diagram Set
- Generate from Integration Landscape
- Import