Documentation

 

Security

We know how important security is for most companies and from day one we have designed CompleteProject to be an application where companies can securely store their documents.  This security includes the use of technologies like secure sockets and digest authentication as standard on all accounts - including free accounts.  It also includes application design to prevent things like elevated security permissions breaches.
 
To see how security permissions are assigned within CompleteProject consider the example discussed in Task Delegation.  In this example the CEO of ABC Corporation delegated a project to the VP of marketing who in turn created a project and delegated it to an outside firm.
 
An important security concept within CompleteProject is the concept of the "master root project".  The master root project is a project from which all other sub projects and tasks are created.  In other words it is a project that does not have a parent project.  Note that because complete project is a distributed application a project may have a parent project even though you may not have permissions to see the parent project.
 
Why is the master root project important?  Because the creator of the master root project is in effect the creator of all sub projects and tasks. In other words all tasks, projects and files existing within the master root project are under a single person's user account.   
 
Note that in the case discussed in Task Delegation  the "master root project" is "Marketing" for all projects created - as this is the only project which does not have a parent project.  Also note that your VP of marketing can see the "Create Marketing Plan" project but cannot see "Marketing" project.  This is because you have not granted your VP of marketing access to the "Marketing Project".  Therefore from the perspective of the VP of marketing it seems that the "Create Marketing Plan" project is the master project - but this is not the case.  Because of this all information will be stored in the CEO's account.  If the outside firm adds a one Gigabyte file to the "Market Research" project the CEO's account will need to have enough room available to store that file.  Also note that in this case both the CEO and the vice president of marketing need to be paid users because they both require the "delegate" feature.  The external firm do not need to be paid users because they do not need the ability to delegate tasks.  Any files they need to attach to the project will be stored under the CEOs account.  Therefore the external firm do not need additional online storage - or a paid account.