- 2 minutes to read

Role-Based Access for C4 Diagram Sets

Use this guide to align C4 Diagram Set permissions with the standard Nodinite role model.

  • Keep architecture governance consistent with existing Roles and permission sets
  • Control who can access assigned C4 Diagram Sets
  • Control who can use grouped-log dynamic diagram features
  • Keep assignment and permission handling consistent with the Manage Role workflow

Permission model for C4 Diagram Sets

The C4 permission set uses the same role-based model as other repository features. Rights are evaluated through assigned Roles.

Permission Scope Recommendation
Access Global and per assigned C4 Diagram Set Grant to architecture consumers and maintainers
Logging Global Grant only to users who need grouped-log dynamic diagram capabilities

Role-based permissions for C4 Diagram Sets
Example of the role-based permissions view for C4 Diagram Sets, including Access and Logging controls.

Assignment workflow in Manage Role

Administrators assign C4 Diagram Sets from the C4 Set Permissions (x) tab in the Role editor:

  • The tab count x shows how many C4 Diagram Sets are assigned to the Role.
  • The Edit flow lets administrators add or remove assigned sets.
  • Access is evaluated for assigned sets, while Logging is evaluated at global scope.

Logging behavior

Logging permission controls whether users can access grouped-log dynamic diagram capabilities linked to C4 Diagram Sets. Keep this permission limited to Roles that need these log-driven diagram actions.

Default role assignment on new sets

From Nodinite 7.6.0 and later, new Diagram Sets can inherit default roles through DefaultRolesInViews. This helps administrators apply a baseline access model when sets are created.

Use this together with the C4 Diagram Set permission set to avoid manual post-creation access fixes.

Next Steps