Documentation

# Permissions

# Permissions Management

  • User Restrictions:

    • Users cannot edit their own permissions.
    • Users cannot add themselves to any company.

  • Leaving a Company:

    • A user can remove themselves from a company if:

      • The company has at least one other Company Admin.
      • The user has the "Edit Users" permission for that company.

  • Profile Information Editing:

    • Users may always edit their own profile information (e.g., email, name) regardless of their permissions.

Managing Other Users:

  • A user can remove another user from a company if they have "Edit Users" permission on that company.
  • A user can edit another user's profile information only if they have "Edit Users" permission for at least one of the companies the user is in.

# Explanations of Individual Permissions

user_permissions

# Company Admin - sets a fixed set of permissions:

  • User Permissions:

    • View: Allows viewing the list of users the current user has access to.
    • Create: Allows creating new users within the user's company.
    • Edit: Allows editing existing users.
    • Delete: Allows deleting other users within the same company.

  • Company Permissions:

    • Create: Allows creating new standalone companies.
    • Edit: Allows editing existing companies.

  • Devices Permissions:

    • View: Allows viewing device details.
    • Claim & Release: Allows claiming or releasing a device in the system.
    • Edit: Allows editing device settings.
    • Delete: Allows deleting a device from the company. System-wide device deletion requires sysadmin permissions.

  • Alerts, History, Rules & Endpoints Permissions:

    • View: Allows viewing the list of alerts, history entries, rules, and endpoints.
    • Create: Allows creating new alerts, history entries, rules, and endpoints.
    • Edit: Allows editing existing alerts, history entries, rules, and endpoints.
    • Delete: Allows deleting alerts, history entries, rules, and endpoints.

  • VPN Networks

    • View: Allows viewing the list of VPN networks.
    • Create: Allows creating new VPN networks.
    • Edit: Allows editing existing VPN networks.
    • Delete: Allows deleting VPN networks.

  • VPN Roadwarriors (remote VPN users)

    • View: Allows viewing the list of VPN roadwarriors.
    • Create: Allows creating new VPN roadwarriors.
    • Edit: Allows editing existing VPN roadwarriors.
    • Delete: Allows deleting VPN roadwarriors.

  • VPN Settings

    • View: Allows viewing the VPN settings.
    • Edit: Allows editing the VPN settings.

  • Additional Permissions:

    • Auditing: Allows viewing auditing details.
    • Fields: Allows managing fields.
    • Views: Allows managing views.
    • AppStore: Allows managing the AppStore.
    • Billing: Allows managing billing.

Companies