Disclaimer: features differ based on Subscription Plan
Access Control List, or ACL.
The access right is the ability to see certain system objects and carry out authorized actions with them. In the first place, the access rights are applied to the macro objects of the system such as accounts (resources), units, users, unit groups, and retranslators. Read more about macro objects here.
The access rights are established primarily by the service manager. However, some features can be available to the end user. Any users of the system, including managers and end users of any level, can be rights holders.
When you create a user, you can grant them access rights on the Access tab. You can also establish the rights on the same tab in the properties dialogues of the system objects.
Types of rights
The set of standard rights that can be applied to any type of macro object includes:
View item and its basic properties
View detailed item properties
Manage access to this item
View custom fields
Manage custom fields
View admin fields
Manage admin fields
Edit not mentioned properties
Query messages or reports
Edit ACL propagated items
Manage item log
View and download files
Upload and delete files
Find more about standard rights here.
Besides, for each object type, there are special rights, that is, a proper list of allowed and forbidden actions that are individual for this particular type of object. For instance, the unit ACL includes a special right to create, edit and delete service intervals, the user ACL contains the right to act as a given user, the resource ACL has the right to create, edit, and delete geofences, and so on. See more information about special rights for each type of object on the following pages:
On the Access tab of every object, the rights are divided into two sections. The left section displays standard rights, and it is the same for any type of object. The right section contains special rights, and its contents depend on the type of the object to which the access is set.
When assigning rights, it is important to maintain the hierarchy.
The user-creator has full rights to the created object. Only the user of the higher level can limit these rights.
It is impossible to give a user more rights to an object than the creator of this user has to the same object.
A user who has transfer rights can transfer the rights to other users. However, the user can not transfer more rights than they have themselves.