mirror of
https://github.com/Icinga/icingaweb2-module-businessprocess.git
synced 2026-01-06 13:39:34 -05:00
28 lines
1.3 KiB
Markdown
28 lines
1.3 KiB
Markdown
<a id="Permission System"></a>Permission System
|
|
=================================================
|
|
|
|
The permission system of the module is based on permissions and restrictions.
|
|
|
|
Permissions
|
|
-----------
|
|
|
|
The module has five levels of permissions:
|
|
|
|
* Granting general module access allows a user to view business processes. (`module/businessprocess`)
|
|
* Create permissions allow to create new business processes. (`businessprocess/create`)
|
|
* Modify permissions allow to modify already existing ones. (`businessprocess/modify`)
|
|
* Permission to view all business processes regardless restrictions. (`businessprocess/showall`)
|
|
* Full permissions. (`businessprocess/*`)
|
|
|
|
Restrictions
|
|
-----------
|
|
|
|
There are two ways to configure restrictions: prefix-based and access controls
|
|
|
|
### Prefix-based
|
|
|
|
This option allows to limit access of a role to only business processes with a specific prefix. For this the ID (Configuration name) of a business process has to start with a prefix and it has to be set as restriction on the role. (`businessprocess/prefix`)
|
|
|
|
### Access controls
|
|
|
|
This option allows for more fine granular permissions based on user (`AllowedUsers`), group (`AllowedGroups`) and role (`AllowedRoles`). These attributes take a comma-separated list, get added to the header of the business process configuration file and limit access to the owner and the mentioned ones.
|