.. _access-profiles:
Introduction to access profiles
---------------------------------
.. _24.1|VOSS-1125:
.. tip::
:ref:`use-action-search-to-navigate-automate`
Overview
..........
Access profiles determine which model types a user can view or manage.
They are assigned to users through the **Access Profiles** page.
Access profiles control user permissions in the system. They define:
* Which model types a user can access
* What operations they can perform
* Whether permissions apply broadly (using wildcards) or specifically to certain models
Default access profiles
.........................
Default profiles follow a hierarchical permission structure:
**Provider -> Reseller -> Customer -> Site**
* Higher levels have more permissions.
* Customer profiles, for example, include fewer permissions than Provider-level profiles.
By default, most system-provided access profiles (except Operator profiles) allow:
* **Read** and **Export** rights on all multi vendor subscriber quick actions and service card "view" actions
Examples:
* ``view/DeleteCucmHuntGroupAllMembers`` (Quick Action)
* ``view/AddExtensionMobility`` (service card action)
Cloned access profiles
...........................
When you clone an access profile:
* It inherits equal or fewer permissions than the profile of the admin performing the clone.
* During system upgrades:
* **Default** access profiles are automatically updated.
* **Cloned** profiles are not updated. You must update them manually or re-clone from the latest
default profile.
Managing access profiles
...........................
Admins above Provider level can create, edit, and delete access profiles.
.. rubric:: View access profiles
The **Access Profiles** list view page lists all existing profiles. From here you can view, add, update, or
delete access profiles.
.. image:: /src/images/access-profiles-list.png
.. rubric:: Add an access profile
To add an access profile:
1. Go to the **Access Profiles** list view.
2. Click the **Plus** (+) icon from the **Access Profiels** list view.
3. Fill out the configuration fields.
4. Save your changes.
.. image:: /src/images/access-profiles-add-new.png
.. rubric:: Edit an access profile
To edit an access profile:
1. Go to the **Access Profiles** list view.
2. Click on the access profile you want to edit to open the configuration screen.
3. Update the access profile.
4. Save your changes.
.. image:: /src/images/access-profiles-edit-existing.png
.. rubric:: Delete an access profile
1. Go to the **Access Profiles** list view.
2. Select the access profile you want to delete.
3. Click the **Delete** icon to delete the access profile.
.. rubric:: Related topics
*
.. raw:: latex
Access profile permissions and operations in the Core Feature Guide
.. raw:: html
Access profile permissions and operations
* :ref:`search-concept`
Access profile configuration reference
..........................................
.. rubric:: Details
The table describes access profile configuration fields in the **Details** tab/panel
.. tabularcolumns:: |p{4cm}|p{4cm}|p{7cm}|
+---------------+---------------------------+----------------------------+
| Title | Field Name | Description |
+===============+===========================+============================+
| Name * | name | A unique name for the |
| | | access profile. |
+---------------+---------------------------+----------------------------+
| Description | description | Details about what this |
| | | access profile is for. |
+---------------+---------------------------+----------------------------+
| | | Grants complete system |
| Full Access | full_access | access, if enabled. |
+---------------+---------------------------+----------------------------+
| Miscellaneous | | Additional permissions |
| Permissions | miscellaneous_permissions | not tied to a specific |
| | | model type. |
+---------------+---------------------------+----------------------------+
.. rubric:: Type Specific Permissions
Type-specific permissions define what actions are
allowed per model type. They override wildcard permissions of the same type.
The panel lists the model types the profile can access (supports wildcards ``*``). Click on a permission
to update it for the access profile.
.. image:: /src/images/access-profile-configure-type-specific-permission.png
The table describes the fields in the type-specific permissions configuration screen.
.. tabularcolumns:: |p{4cm}|p{4cm}|p{7cm}|
+------------------+------------+--------------------------------------+
| Title | Field Name | Description |
+==================+============+======================================+
| | | The model type permitted by this |
| Permitted Type | type | access profile (supports use of a |
| | | ``*`` wildcard). |
| | | |
| | | The wildcard can be restricted by a |
| | | type-specific permission of the same |
| | | type. |
+------------------+------------+--------------------------------------+
| Permitted | | Actions allowed for this model type. |
| Operations | operations | |
+------------------+------------+--------------------------------------+
.. rubric:: Related topics
* :ref:`search-concept`
*
.. raw:: latex
Access profile permissions and operations in the VOSS Core User Guide
.. raw:: html
Access profile permissions and operations