Юзеру может быть назначена одна или несколько ролей разными путями (этот механизм описан в статье Role and Group Inheritance). У нас есть стандартные системные роли и есть возможность создавать новые роли в зависимости от требований и задач бизнеса. Полномочия и возможности роли определяются настроенными для неё ACL Rules.
Role | Description |
---|---|
admin | The System Administrator role. This role has access to all system features, functions, and data. Grant this privilege carefully. |
caller | Can create incidents, read incidents created by him, add comments to his incidents. |
change_manager | In any Change, Change Task, Approval Ticket can change the values of all fields in any status except closed |
cmdb_manager | CMBD manager can create, read, update and delete records in sys_cmdb_ci and tables that extend sys_cmdb_ci. |
impersonator | Can impersonate users, Does not allow impersonation of admin users. |
import_admin | |
incident_manager | caller abilities + can update all incidents |
ITSM_agent | Includes the roles of ITSM process managers |
notification_admin | |
problem_manager | |
request_manager | |
script_admin | |
security_admin | Grant modification access to High-Security Settings, allow the user to modify the Access Control List. |
service_catalogue_manager | |
service_level_manager | |
service_owner |