Introduction to Access Profiles#

Overview#

Access profiles define the model types that a user is allowed to access, and are assigned to users via Roles (default menus: Role Management > Roles).

Note

Access profiles are subject to the following requirements:

Default access profiles

These adhere to the following hierarchy of permissions: Provider > Reseller > Customer > Site. For instance, default Customer access profiles have less permissions than Provider access profiles.

Cloned access profiles

A cloned access profile has equal or less permissions than the access profile of the admin user who creates the clone.

When a system upgrade is performed, the default access profiles are updated in accordance with the above.

Note

Existing cloned access profiles are not upgraded. You have to manually update them, or re-clone and modify them from the upgraded, default versions as needed.

../../_images/access-profiles.png

Related Topics

Manage Access Profiles#

Admins at a higher level than Provider admins can view, add, edit, and delete access profiles via (default menus) Role Management > Access Profiles.

The list view shows existing access profiles added to the system.

  • To add an access profile, click the Plus icon (+) from the list view, then fill out details on the configuration screen.

  • To delete an access profile, select an access profile in the list view, then click the Delete icon.

  • To edit an access profile, click on the access profile in the list to open the configuration screen.

The table describes configuration options when adding or editing an access profile:

Title

Field Name

Description

Name *

name

The name that is given to the access profile.

Description

description

A description for the access profile.

Full Access

full_access

Enabling this flag, grants the user full system access.

Miscellaneous Permissions

miscellaneous_permissions

The list of miscellaneous operations permitted by this access profile.

Type Specific Permissions

type_specific_permissions

Configure permissions per model type for this access profile.

These permissions override any Permitted Type permissions using a wild card “*” of the same type.

Type Specific Permissions

Title

Field Name

Description

Permitted Type *

type

The type that is permitted by this Access Profile. This field supports the use of the * wildcard.

The wildcard can be retricted by a Type Specific Permission of the same type.

Permitted Operations

operations

The operations that are permitted by this Access Profile for the given type.