...
Built-in roles
Built-in roles are hard-coded, system-provisioned roles that limit access to certain pages of DPOD's UI consoleWeb Console.
Each user must be assigned to at least one built-in role, or they will not be able to login to the console. It is up to the administrator to decide whether to assign a built-in role directly to the user, or use the group membership mechanism to provide built-in role(s).
The built-in roles are available for view only under [Manage→ System → Roles] (As described in Security Roles). Each built-in role can be linked to users or groups.
The table below lists the available built-in roles:
| Role Name | Description |
|---|---|
| OpDashAdminRole | Built-in Administrator role. Provides full access. |
| OpDashPowerUserRole | Built-in Power User role. Allows access to Dashboards, Investigate, Explore, Reports execution and viewing services configuration. |
| OpDashOperatorRole | Built-in role for controllers. Allows access to Dashboards, Investigate and Explore views. |
| OpDashInvestigatorRole | Built-in role for investigators. Allows access to some of the Dashboards and Investigate views. |
Custom roles
Custom roles are optional, application-level, roles managed by the administrators. They can be used to limit access to certain data such as specific devices, domains, payload etc.
Each custom role is configured with several permission directives that dictate the allowed or denied access to devices, domains, services etc.
A user does not have to be assigned custom roles. Users that are not assigned any custom roles have access to all the data in the system, as limited by their built-in role to certain pages of the UI Web Console.
The custom roles are accessed and managed using the [Manage → System → Roles] page.
Each custom role can be linked to users and/or groups.