You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »

Roles control access to features and capabilities of the system (admin and security_admin roles have access to all capabilities).

In SimpleOne, roles can be separated into three abstract layers based on their daily duties and powers (roles are sorted in the ascending order):

  1. End-users;
  2. ITSM Agents;
  3. Administrators.

End-users


Generally, end-users have no specific role in the system. They are able to raise tickets via Self-Service Portal, track their progress, add comments, but they can neither use the administrative interface nor perform any actions in it due to a lack of specific roles.

The only role in the system that can be assigned to end-user is the caller role,

ITSM Agents


ITSM Agents are the employees handling daily tasks in the system, for example, processing Incidents, or Change Requests, or configuring CMDB. To perform these duties, one or more roles should be designated to the agent, based on his tasks and responsibilities.

In SimpleOne, we have a number of roles for ITSM agents:

RoleDescription
ITSM_agentCan perform standard actions for an ITSM agent (like opening, updating, and closure incidents, changes, problems, and requests). This is a parent role for other ITSM-related activities roles.
change_managerCan change the values of all fields in any Change Request, Change Task, Approval Ticket in any status except closed.
cmdb_managerCMDB manager can create, read, update and delete records in Configuration Management Database
incident_managerIn any Incident, Incident Task, can change the values of all fields in any state except Closed.
problem_managerCan change the values of all fields in any Problem, Problem Task in any state except Closed.
request_managerCan change the values of all fields in any Service Request, Request Task in any state except Closed.
service_catalogue_managerCan change the state of any Article related to any Service specification (Internal or External).
service_level_managerCan edit SLM related records (Agreement Commitment, Commitment Type, Timepoint Indicator, Timeframe Indicators).
service_ownerCan change the state of any Article related to Service specification (Internal or External) of the owned Service.


Administrators are 


Юзеру может быть назначена одна или несколько ролей разными путями (этот механизм описан в статье Role and Group Inheritance). У нас есть стандартные системные роли и есть возможность создавать новые роли в зависимости от требований и задач бизнеса. Полномочия и возможности роли определяются настроенными для неё ACL Rules.

Есть три типа ролей:

End-user (человек без роли);

ITSM Агент (человек с одной или несколькими ролями, выполняющий те или иные задачи по процессам. Он занимается обслуживанием, выполняет заявки, tickets, поступившие от end-users. );

Админ (администратор системы, в том числе security_admin)


получив роль problem_manager, получаю ли я автоматом роль ITSM_agent?
получая роль ITSM_agent, назначаются ли мне автоматом все дочерние?

надо дополнить доку по наследованию


RoleDescription
admin

The System Administrator role. This role has access to all system features, functions, and data.

impersonatorCan impersonate users. Does not allow impersonation of admin users.
import_adminCan manage all aspects of imports (including import sources, import sets, transform maps, and field sets).
notification_adminCan create and edit notification rules.
security_adminGrant modification access to High-Security Settings, allow user to modify the Access Control List
  • No labels