User Accounts
Role-Based Access Control
Last updated
Role-Based Access Control
Last updated
Local users and access permissions are handled via the Role-Based Access Control (RBAC) functionality. Userful’s RBAC revolves around creating predefined roles and then assigning users to those roles.
Roles are a collection of permissions that you can assign to a user group. This allows the privileges associated with that role to be performed on applications within the UCC. Broadly speaking, these are broken down into Control Center, Command and Control, and User Management tasks.
Before implementing RBAC you should evaluate the needs of the users in your organization and, based on the level of access they require to perform their duties, group users into roles that satisfy those requirements. It is a best practice to limit users to the minimum required role necessary for them to complete their assigned tasks.
User Accounts and Groups described here do not integrate with Userful Manager users and groups. This functionality is planned for a future release.
To get started with Role Based Access Control, click on the Users option present in the left side menu of the Userful Control Center. Initially, the User Accounts table is empty, while the list of groups includes Admin, Operator, and Restricted as three legacy group names. These predefined roles belong to the operating system level and cannot be modified with granular permissions. It is recommended to start creating new groups from scratch.
Here is a breakdown of the existing groups:
Admin: It has full control and the same access as the first user or system administrator.
Staff: It must be created from the Settings screen. Intended for legacy Public Computing deployments. Staff users can affect individual station logins and view interactive sessions (Cloud Desktop, Web Browser), but cannot edit sources, create video walls, or use Command & Control.
Operator: It is for use with Command & Control exclusively. Users with this group can start, close, move sources, and also recall predefined layouts, but they cannot edit sources or layouts.
Restricted: This Group has access to all the functions of UCC and C&C except User Management/ RBAC.
Though users are listed first, it is recommended to first create Groups, as permissions of the users must be assigned and defined by Groups. The steps to add a group are as follows:
Click on the Add Group button.
Enter the Name and Description of the group.
Enable the required permissions for the group under each system application.
Click OK.
The animation below shows an example of adding a new group with View-only access to the Command & Control center.
Steps to add a user and assign them to the same group.
Click on the Add User option.
Create a User Name and Password.
Assign the user to one of the Groups.
Click OK.
Resource Groups are the source groupings created using the Mapping functionality. This is helpful when a user is restricted in their access to certain sources and/or Zones. Users with access to a particular Resource Group will only be able to see those sources and whatever displays or zones have been assigned to them by users with higher access rights.
This allows granular control of the elements on the left-side menu of the Control Center.
Permission | Description |
Event Scheduler | Create, update and delete items in events. |
Event-Scheduler view | View-only access to events |
Network-Display management | Admin access to the displays section |
Network-Display view | View-only access to the displays section |
Operation-Support | Admin access to the support section |
Operation-Support view | View-only access to the support section |
Station-Mapping administration | Admin access to the mapping section |
Station-Mapping view | View-only access to the mapping section |
System settings | Admin access to the settings section |
System settings view | View-only access to the settings section |
The Command and Control Module provides you with a drag and drop GUI to resize and arrange sources in real-time within the video wall canvas.
Permission | Description |
Audio | Access to audio setting of sources |
Layout management | Create, update, and delete layouts |
Layout switching | Ability to switch between existing layouts |
Source activation | Activating existing sources from the list |
Source interactive viewer | Ability to interact with sources (where supported) |
Source management | Create, update, and delete sources from the list |
Source-instance arrangement | Minimize, maximize sources and move them within the canvas |
View access | View-only access to the C&C module |
The User Management module allows access to the following tools.
Permission | Description |
Users Administration | Create, update, and delete user accounts |
Users & Groups View | View-only access to the groups and users page |
Groups Administration | Create, update, and delete groups |
Permission | Description |
Control room Layout Switcher | Mobile interface to switch between saved command & control layouts |
Control Room Supervisor Dashboard | Interface to view control room walls generated from multiple peer systems |
