Roles

Roles allow to easily manage Users and their permissions :

• you can assign multiple Roles to a User
• adding/removing Permissions is just adding/removing the Role to the User
  

Note : Additionally, Roles can be used as mailing lists for Schedules.

To manage Roles, go to the Administration > Roles page :

Assigning Roles

To assign Roles to Users, you must edit the Users, see the corresponding chapter.

Some roles are assigned by default thanks to the Default property (see below).

Default Roles

Some Roles exist by default in Alpana Server.
They cannot be deleted.

Host default Roles

When installing Alpana Server, some default Roles exist on the Host :

Admin

!Be very careful when removing permissions from the Admin Role.
Make sure that you still have at least some users with enough permissions to restore access to features.
If you want to create administrators with restricted access, you can create dedicated Roles.

The Admin Role is added by default to new users of the Host.
By default, it gives full permissions.

Tenants default Roles

When creating a Tenant, some default Roles are created on the Tenant :

Admin

!Be very careful when removing permissions from the Admin Role.
Make sure that you still have at least some users with enough permissions to restore access to features.
If you want to create administrators with restricted access, you can create dedicated Roles.

Users with the Admin Role have read/write access to all objects by default (Dashboards, Data Sources, Widgets).
These permissions can then be overridden at the object level.

User

The User Role is added by default to new users of the Host.
Users with the User Role have read access to all objects by default (Dashboards, Data Sources, Widgets).
These permissions can then be overridden at the object level.

Guest

Users with the Guest Role have no access to any objects by default (Dashboards, Data Sources, Widgets).
These permissions can then be overridden at the object level.

Example : If UserX is Guest and you add permission “Dashboard Viewer” to this UserX, then they will be able to view every dashboard where you explicitly add permission “Read” for this UserX, and no other Dashboard.

Reserved Connection

Users with the Reserved Connection Role are guaranteed that they can login, because no other concurrent user can take their token for logging in.
This means that they automatically and permanently count as users inside the Maximum concurrent access count license property of the Tenant.

Creating a Role

To create a new Role, click Create new role :

Then fill-in the Role form (see below Edit Role).

Viewing Roles

Role attributes

Some Role attributes are displayed as a tag in the list :

• Static : this Role exists by default and cannot be deleted (see above)
• Default : this Role is assigned to new Users by default

Filtering the list

You can filter Roles by which permissions are active :

Click Select permissions in the top bar :

Then select the required Permissions and click Select :

Editing a Role

To Edit a Role, click the Actions > Edit button :

Role name

Use a descriptive role name.

Default

Check this option if you want to Role to be assigned to all new Users by default :

Permissions

Check the desired permissions, as described in the corresponding chapter.

Deleting a role

To delete a Role, click Action > Delete :

*Note : The Roles that exist by default in Alpana Server cannot be deleted.

Code192 2020 All rights reserved