Product Knowledge Base

Space shortcuts

Page tree

Versions Compared

Old Version 26

changes.mady.by.user Alan Amos

Saved on

compared with

New Version 27

changes.mady.by.user Alan Amos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Use Case added

...

The Folder part of the view is for restricting the Role to accessing particular Folders - and thereby particular Jobs, Job Chains, etc - within a JobScheduler Master's live folder and will be described later.

Editing Permissions is  described below .

Initial Configuration

Adding User Accounts and Roles

...

In addition, the same article contains a link to a full list of all Permissions that can be granted.

Anchor

...

editing-permissions
editing-permissions

...

Editing User Permissions

Permissions Structure

Permissions are hierarchical:

...

By default Permissions are granted for all the JobScheduler Masters and  JobScheduler Master Clusters in an environment.

 

Anchor
folders
folders
Folders

Folders are used to restrict User access to JobScheduler Objects such as Jobs, Orders and Schedules. This means that, for example, Users can be can be restricted to accessing only Objects for particular mandators / clients.

...

Roles with Folder Permissions are often configured for Users in combination with default Roles. For example, if the demo_user described here was allocated the it_operator Role in addition to the demo_role, they would be able to carry out the tasks allowed by the default IT Operator Permissions but only for JobScheduler Objects in the demo folder and, if configured, its child Folders. See the Use Case below for an example configuration.

 

Use Cases

Multi-Mandator Scheduling

A JobScheduler Master can be used to provide job scheduling services for a number of mandators / clients and ensure that Users such as operators or support staff associated with one mandator do not have access to scheduling activities or configuration information of another mandator. This is achieved with a combination of Roles and Folder Permissions.  

Consider a JobScheduler Master carrying out scheduler activities for two clients mandator A and mandator B:

  • The JobScheduler's live Folder is structured as follows:
    • live
      • mandator_a_folder (for all Jobs, Orders, etc. for this client)
      • mandator_b_folder (for all Jobs, Orders, etc. for this client)
      • sos (the default folder for housekeeping and other Jobs, Orders, etc.)
  • Incident management for each mandator is carried out by separate User with the default incident_manager Role and a role with Folder Permissions restricting them to the respective mandator Folder- i.e.
    • mandator_a_im_user
      • incident_manager (common default Role)
      • mandator_a_role (mandator-specific Role)
        • mandator_a_folder (Folder Permission)
    • mandator_b_im_user
      • incident_manager (common default Role)
      • mandator_b_role (mandator-specific Role)
        • mandator_b_folder (Folder Permission)

The above configuration means that the incident manager Users for mandator A and mandator B will only be able to see the Jobs, Orders, log files, and other possibly confidential information for their respective mandator.

See the Folders Section (above) for instructions about configuring Folder Permissions.