Permissions
Permissions are the properties of role categories that can be configured.
Figure 11. Permissions in Edit Role view
- Read allows the user to view information of this category type. If this permission is denied, the user cannot see information that is assigned to this category.
- Write allows the user to view and modify information of this category type. If this permission is denied, the user may be able to see information that is assigned to this category (if Read permission is granted) but not modify it.
- Invoke relates to calling or activating a command or subroutine. Depending on the context, an invoke is some sort of action,
such as a ping, update, override, or door-unlock action. Different actions are available and based on the component, and many
have no actions available.
When an invoke permission is granted for a certain category, the user can initiate an available action on the components assigned to the category. If an invoke permission is denied, the user cannot take any action on a component that is assigned to this category.
For example, a user with Alarm Console invoke permission can force clear an alarm. With only read and write permission, a user can acknowledge alarms, view and edit alarm notes and details, but cannot force clear.
Figure 12. Permissions granted to a personnel manager
- Badge Management: Read, Write, Invoke
- Personnel Management: Read, Write, Invoke
- Access Rights: Read
- Tenant Management: Read