Iguana X IguanaX has a Role role based permission system to restrict user access to various Iguana system and Component component controls.
...
To perform actions, a User needs the required permission. The only user that has all permissions granted to them by default is the admin user. By default, all other Users do not have access to edit Iguana system settings - they By default, every Iguana instance has an admin user with full access to Iguana system and component controls. Any users created by the admin must be granted access permissions through the use of Role Tags. For example, to edit ‘roles’ a User would need to have a matching #Role Tag that grants access to ‘Edit Roles’.
In Settings > Roles, the admin User can create custom #Role with lists of granted permissions to be assigned to both Users and Components.
Iguana system permissions will be applied to the User with the assigned #Role.
Component permissions will only be in effect for components with the assigned #Role in the Component Card Tags. The User #role does not need to match the Component #role, the component #role permissions trump.
...
Create a Role
...
roles to perform any iguana system or component actions.
Roles contain a list of granted permissions and are assigned to users and components as #role Tags. There are two types of roles:
Expand | ||
---|---|---|
| ||
User Roles are assigned to users to grant Iguana system and component controls. For example, you may have separate #roles for team members using Iguana based on their needs:
|
Expand | ||
---|---|---|
| ||
These can be used when you have particular components that you want to place further restrictions on. For a Component Role to apply, the User (agent) and the component (target) must have matching #roles. For example, critical components that may be used for operational purposes which do not need to be accessed by every user, a #critical role can be created and assigned to the component and the users who require access. Any user without the matching #critical role assigned, will not have the permissions on that #critical components. |
Creating Roles
Expand | ||
---|---|---|
| ||
|
Expand | ||||
---|---|---|---|---|
| Choose
| |||
|
...
Assigning Roles
Expand | ||
---|---|---|
| ||
Expand | ||
title | To assign a #Role, enter the RoleIn Settings > Users, click Edit on the User you wish to add a #Rolerole. You can add multiple Roles roles to a single User, each Role is additive and will provide the User the assigned access permissions. |
Assign Roles to Components
Components without any tags that match a Role are considered ‘unsecure’ with no permission restrictions applied to the component - ie. anyone can do anything to the component. To apply permissions to a component, you must add a Tag to the component that matches a Role.
Expand | ||
---|---|---|
| ||
In the Component Card Tags, you will see an alert stating that there are no matching role tags (no permissions applied), meaning that the User will have full component permissions available. |
user to apply both User Roles and Component Roles. |
Expand | ||
---|---|---|
| ||
Component Roles are assigned to components in the Component Card Tags field.
If a User applies a #Role tag which does not have Tag editing permission to a component, a warning will appear to confirm the change before applying the new permissions.
|
Once unique Users and Roles are configured in your Iguana instance, if you have another User with full admin rights, you can delete the admin user. In the future if this needs to be restored, you can do so on the command line.