.. _access_profiles:
Introduction to Access Profiles
---------------------------------
Overview
..........
Access profiles define the model types that a user is allowed to access, and are
assigned to users via Roles (default menus: **Role Management > Roles**).
.. note::
Access profiles are subject to the following requirements:
========================== ========================================================================
Default access profiles These adhere to the following hierarchy of permissions:
**Provider > Reseller > Customer > Site**.
For instance, default Customer access profiles have less permissions
than Provider access profiles.
Cloned access profiles A cloned access profile has equal or less permissions than the access
profile of the admin user who creates the clone.
========================== ========================================================================
When a system upgrade is performed, the default access profiles are updated in
accordance with the above.
.. note::
Existing cloned access profiles are **not** upgraded. You have to manually update them,
or re-clone and modify them from the upgraded, default versions as needed.
.. image:: /src/images/access-profiles.png
.. rubric:: Related Topics
*
.. raw:: latex
Access Profile Permissions and Operations in the Core Feature Guide
.. raw:: html
Access Profile Permissions and Operations
*
.. raw:: latex
Menu Layout and Access Profiles in the Core Feature Guide
.. raw:: html
Menu Layout and Access Profiles
Manage Access Profiles
........................
Admins at a higher level than Provider admins can view, add, edit, and delete access profiles via
(default menus) **Role Management > Access Profiles**.
The list view shows existing access profiles added to the system.
* To add an access profile, click the Plus icon (+) from the list view, then fill out details on the
configuration screen.
* To delete an access profile, select an access profile in the list view, then click the **Delete** icon.
* To edit an access profile, click on the access profile in the list to open the configuration screen.
The table describes configuration options when adding or editing an access profile:
.. tabularcolumns:: |p{4cm}|p{4cm}|p{7cm}|
+---------------+---------------------------+----------------------------+
| Title | Field Name | Description |
+===============+===========================+============================+
| Name * | name | The name that is given to |
| | | the access profile. |
+---------------+---------------------------+----------------------------+
| Description | description | A description for the |
| | | access profile. |
+---------------+---------------------------+----------------------------+
| | | Enabling this flag, grants |
| Full Access | full_access | the user full system |
| | | access. |
+---------------+---------------------------+----------------------------+
| Miscellaneous | | The list of miscellaneous |
| Permissions | miscellaneous_permissions | operations permitted by |
| | | this access profile. |
+---------------+---------------------------+----------------------------+
| Type Specific | | Configure permissions per |
| Permissions | type_specific_permissions | model type for this access |
| | | profile. |
+---------------+---------------------------+----------------------------+
.. rubric:: Type Specific Permissions
.. tabularcolumns:: |p{4cm}|p{4cm}|p{7cm}|
+------------------+------------+--------------------------------------+
| Title | Field Name | Description |
+==================+============+======================================+
| | | The type that is permitted by this |
| Permitted Type * | type | Access Profile. This field supports |
| | | the use of the * wildcard. |
+------------------+------------+--------------------------------------+
| Permitted | | The operations that are permitted by |
| Operations | operations | this Access Profile for the given |
| | | type. |
+------------------+------------+--------------------------------------+