There are basically 2 aspects to the security model in iCalScheduler 0.61. There are permissions (groups of permissions can also be called 'roles') and there
are departments. The permissions allow a user permission to do things like add, modify or delete rooms, buildings/locations,
filters, and events (events with a caveat - see below). The departments in turn add another level of security for events.
The way that this works is that ownership of a room is assigned to a given department. Only department administrators
are then allowed to directly create, modify or delete an event in a room owned by that department. Someone else may
have the assigned privileges to edit or add an event, but unless they are assigned as a department administrator for the
department that owns the room, then they will only be able to request the event, but not add or edit the event directly. (Whether a user is assigned as a department administrator is determined in the user administration screen).
In other words, the extra level of security is whether or not they are a department administrator for
the department that owns the room where they are requesting an event. So a user can have permissions to
add, edit or delete an event.
If that user also is a department administrator for the department that owns the room and that the event is in,
then that user will be able to add, modify or delete the event.
When they bring up the screen to add or modify an event they will see a "Save" button on the bottom of the screen.
However, if the user only has the permissions to add, modify or delete an event but they are not
a department administrator for the department that owns the room in which the event is scheduled,
then they will not be able to add or modify the event directly. In that case, instead of the "Save"
button on the bottom of the edit event screen, they will see a button that says "Email Request".
Upon filling out the edit event screen and clicking the "Email Request" button, a request
should automatically be be sent to the designated department adminstrator (for the department that owns the
room where the event is scheduled). Then it will be up to the designated
department administrator to approve or deny the event request.
The screen below shows how a user is assigned as a department administrator.
User Assignment Screen