Юзеру может быть назначена одна или несколько ролей разными путями (этот механизм описан в статье Role and Group Inheritance). У нас есть стандартные системные роли и есть возможность создавать новые роли в зависимости от требований и задач бизнеса. Полномочия и возможности роли определяются настроенными для неё ACL Rules.
| Role | Description |
|---|---|
| admin | The System Administrator role. This role has access to all system features, functions, and data. Grant this privilege carefully. |
| caller | Can create incidents, read incidents created by him, add comments to his incidents. |
| change_manager | In any Change, Change Task, Approval Ticket can change the values of all fields in any status except closed |
| cmdb_manager | CMBD manager can create, read, update and delete records in sys_cmdb_ci and tables that extend sys_cmdb_ci. |
| impersonator | Can impersonate users, Does not allow impersonation of admin users. |
| import_admin | |
| incident_manager | caller abilities + can update all incidents |
| ITSM_agent | Includes the roles of ITSM process managers |
| notification_admin | |
| problem_manager | |
| request_manager | |
| script_admin | |
| security_admin | Grant modification access to High-Security Settings, allow the user to modify the Access Control List. |
| service_catalogue_manager | |
| service_level_manager | |
| service_owner |
