1. Description

By default, there is one role - sysadmin, which has all rights and access.

The user has the right to access this or that page when configured with the necessary permissions.

The procedure for passing the access checks:

1. Availability of a license;
2. Permission to access the application;
3. Permission to access the partition (for applications that have partitions);
4. Permission for actions in the application/partition.

1.1. Availability of a license

Please get in touch with your Webitel representative to obtain a license.

1.2. App permission

The permission to access the application is defined on the Applications access tab of the role entry, which is on the Roles page from the Permissions category. How to set this resolution can be found here.

1.3. Permission to access the partition 

Permission to access a partition is defined in a modal window (opened through the editing tool of the application containing this partition) on the Applications access tab for the role entry, which is on the Roles page from the Permissions category. How to set this resolution can be found here.

In cases where additional settings are enabled (switch(s) in the on position) on the Objects page (from the Permissions category), access can be granted through the Managed by operations tab or the Permissions tab of the particular entry to which you want to get permission.

Available only for entry from those partitions to which access is granted!

1.4. Permission to action in an application/partition

By default (on the Objects page from the Permissions category, the switches are in the off position), those users who have permission to access the application or partition are allowed all actions.

Permission for actions in the partition can be configured:

• On the Managed by operations tab of the entry of the particular partition, which is on the Objects page. They are used when additional settings are enabled (on the Objects page, in the entry of the particular partition, the Managed by operations switch is in the on position (Fig. 7);
• On the Managed by records tab of the entry of the particular partition, which is on the Objects page. You can set default values for new entries in the selected partition (these settings will be set in the Permissions tab when creating a new entry in the chosen partition);
• On the Role permissions tab to the role entry, which is on the Roles page. Here you can configure rights such as rights to eavesdrop on a conversation, view CDR phone numbers, export data  grid, play a call recording, as well as global rights to select, update, delete and create;
• on the Permissions tab of the particular entry to which you want to obtain permission. They are used when additional settings are enabled (on the Objects page, in the entry of the particular partition, the Managed by records switch is on (Fig. 5)). Available only for entry from those sections to which access is granted!

Action permissions for a particular created entry can be changed in the tab of the entries, which are located in the following partition:

• Users;
• Devices;
• Buckets;
• Call lists;
• Calendars;
• Agents;
• Teams;
• Resources;
• Resource groups;
• Queues.

In the case when permission to access a partition is available, but additional settings are enabled (switch (s) in the on position) on the Objects page that does not allow viewing, then the right to view the partition may be granted via the Select right in the Role permissions tab (see Option 5).

2. Practical examples

A task:

Make settings under which the Test_User user will have access to view data about the Test_team team.

Option 1

These conditions are met:

• license CALL_CENTER;
• the Test_User user is assigned the Super-admin role (Fig. 1). The Super-admin role has access to the Admin application (Fig. 2) and the Team partition of this application (Fig. 3). Configured in the Applications access tab of the Super-admin entry, which is on the Roles page;

Fig.1. Assigning the Super-admin role

Fig.2. Allowing the Super-admin role to access the Admin application

Fig.3. Allowing the Super-admin role to access the Teams partition of the Admin application

• on the Objects page in the cc_team entry, the Managed by operations and Managed by records  switches are off. (Fig.4).

Fig. 4. The Managed by operations and Managed by records  switches are off.

Option 2

These conditions are met:

• license CALL_CENTER;
• the Test_User user is assigned the Super-admin role (Fig. 1). The Super-admin role has access to the Admin application (Fig. 2) and the Team partition of this application (Fig. 3). Configured in the Applications access tab of the Super-admin entry, which is on the Roles page; 

• on the Objects page in the cc_team entry, the Managed by records  switch is on (Fig.5).

Fig. 5. The Managed by records  switch is on

• in the Permissions tab of the Test_team entry, that on the Teams page there is permission to action for the Test_User user, or for the Super-admin role (Fig. 6)

Fig.6. Action permission for Super-admin role

Option 3

These conditions are met:

• license CALL_CENTER;
• the Test_User user is assigned the Super-admin role (Fig. 1). The Super-admin role has access to the Admin application (Fig. 2) and the Team partition of this application (Fig. 3). Configured in the Applications access tab of the Super-admin entry, which is on the Roles page; 
• on the Objects page in the cc_team entry, the Managed by operations  switch is on (Fig.7).

Fig. 7. The Managed by operations  switch is on

• in the Managed by operations  tab of the cc_team entry, which is on the Objects page, there is permission to action for the Test_User user, or for the Super-admin role (Fig. 8).

Fig. 8. Action permission for Test_User user

Option 4

These conditions are met:

• license CALL_CENTER;
• the Test_User user is assigned the Super-admin role (Fig. 1). The Super-admin role has access to the Admin application (Fig. 2) and the Team partition of this application (Fig. 3). Configured in the Applications access tab of the Super-admin entry, which is on the Roles page; 
• on the Objects page in the cc_team entry, the Managed by operations and Managed by records  switches are on. (Fig.9);

Fig. 9. The Managed by operations and Managed by records  switches are on

• in the Managed by operations  tab of the cc_team entry, which is on the Objects page, there is permission to action for the Test_User user, or for the Super-admin role (Fig. 8);
• in the Permissions tab of the Test_team entry, that on the Teams page there is permission to action for the Test_User user, or for the Super-admin role (Fig. 6).

Option 5

These conditions are met:

• license CALL_CENTER;
• the Test_User user is assigned the Super-admin role (Fig. 1). The Super-admin role has access to the Admin application (Fig. 2) and the Team partition of this application (Fig. 3). Configured in the Applications access tab of the Super-admin entry, which is on the Roles page; 
• in the Role permissions  tab of the Super-admin entry, on the Roles page, there is the Select permission (Fig. 10).

Fig. 10. The Select permission