Role-based access¶
The Smartswitch system allows system users to have role-based access to the web interface.
This means that the system administrator can define roles that determine the visibility of system elements.
The structure of roles is described in the Roles section.
- visibility of certain web interface elements
- availability of operations in the database (selection, insertion, deletion)
Thus, you can create your own roles and define in them the part of the system interface available to users.
When adding web access for users, you will need to specify a role for each of them.
When the created user enters the system, he will see only what you have defined for him.
This serves as the basic concept for creating Virtual PBX and Dealer Access to the system.
ACL has 3 types:
- Account ACL. Defines the visibility zone of the cabinet web interface elements. For example, visible menus on the main page.
- Database ACL. Specifies the available operations on database tables.
- Call handler ACL. Defines the available elements in Call Handler
The Account ACL takes precedence over the Database ACL. Having blocked an element in the Cabinet ACL, it ceases to be visible in the web interface menu and you will not be able to enter it at all.
However, by disabling access to an item in a Database ACL that is open in a Desktop ACL, it remains visible in the menu, but the system displays an error when attempting to access or modify (depending on access settings).
The default values for the Database ACL are found in the Database tab in the role.
The default values for Account ACL are found in the Account tab in roles.
In the Account ACL/Database ACL menu, you can override access options for each table/menu item.
- block everything by default and unblock one table/menu item via menu Account ACL/Database ACL
- unblock all by default and block one table/menu item via menu Account ACL/database ACL
The choice of the appropriate method depends on whether you want to open or hide most of it.
Each object (each row) in the database has an associated responsible user ID.
When a new object (new row) is created, this identifier is set to the identifier of the user who creates this object.
See the Roles section for the meaning of each option.