Permission Management
Please note that, in some cases, downgrading permissions can result in the user whose permissions are being downgraded automatically logging out. Check the full list of Auto Logout reasons.
https://galooli.atlassian.net/wiki/spaces/KP/pages/2723872777/Galooli+Solution#Auto-Logout
General Permission
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
Tenants | The name of the tenants that the user can see information about them on the various Galooli platforms. Separate the names of the tenants by a comma (“,”) without any spaces between the comma and the tenant's names If the user is expected to see all tenants, the word "Any" should be used. |
Colocation NOC Power Consumption Pro Reports CPH Report |
Subsidiary IDs | Internal Galooli ID's for accounting purposes | Admin |
Clusters Permission
The Clusters tool allows the user to select which clusters and groups will appear across all Galooli platforms. to that specific user.
The Galooli user creation and editing process include some logic behind the scenes regarding cluster and group view permissions. The following table summarizes the logic. You can find more detailed information in the paragraphs following the table.
User Creation Logic | User Editing Logic | |
---|---|---|
As a default, when you create a new user in the organization, the new user will inherit the same clusters and group view permissions as the original user
|
You have permissions to see all groups in a cluster |
You have permission to see part of the groups in a cluster |
As a default, you can add or edit view permission to another user in the organization based on your viewing permissions. | As a default, you can add or edit view permission to another user in the organization based on your viewing permissions however, if you add a new cluster to an existing user, he will get access to all groups in the cluster even if you do not have access to those groups. |
User Creation Logic
As a default, when a user creates a new user in the organization, the new user will receive the same clusters and group view permissions as the original user.
For example:
User “A” wants to create a new user in the system. The user "A" has access to cluster "1" and groups "a", "b", and "c". As a default, if user "A" creates a new user ("B"), this new user will have access to the same cluster and groups as User "A".
User Editing Logic
The ability of a user to add/remove viewing permissions is limited to the level of the permissions he has. The editing user can add/remove viewing permissions to clusters and groups based on his viewing permissions. The logic for user editing can be divided into two main categories:
The editor has access to all groups in a cluster
User “A” wants to add cluster 1 to user “B”. The user "A" has access only to cluster "1" and groups "a", "b", and "c" out of several clusters. Therefore, user "A" can only add this cluster and groups to user "B" and cannot see/add other clusters and groups.The editor does not have permission for all the groups in some cluster
User “A” wants to add cluster 1 to user “B”. The user "A" has access to cluster "1" and groups "a", "b", "c", but cluster "1" contains other groups that the user can't access ("d", "e", "f"). As a result of user "A" adding view permissions to cluster "1" to the user "B", user "B" will be automatically granted access to all groups in the cluster ("a”, "b”, "c", "d", "e", "f"), even if user "A" does not have view permissions for groups "d", "e", "f".Why?
Due to the groups view permission editing logic, all groups under a cluster are viewable by default
Organizations Permission
Galooli's Organization tool allows multi-users to choose which organizations they can log in to across all platforms.
"All Organization" allows the user to view all the organizations within Galooli platforms, including any future organizations.
This option is only available to Galooli administration users.
“Select All”
This section allows the user to select the relevant organizations that they wish to view in the Galooli platforms one by one or to mark the "Select All" check box, which will select all of the organizations. By selecting this option, no future organizations will be automatically added
General Authorization Permission
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
Disable User | The option of temporarily disabling the user. In the event that action is taken, the following consequences will occur:
Users with Edit/Full permission to the My Users module are capable of performing this operation. https://galooli.atlassian.net/wiki/spaces/KP/pages/2584182813/Permission+Management#Galooli-Manager-Permission |
|
Live display access | Disabled - Blocking the login to Galooli platforms | Galooli Solution |
Enabled - Allowing the login to Galooli platforms | ||
| Disabled - Hardware configuration tools will not be available to the user |
Configuration Center |
Online Store | Inactive at this time |
|
Auto-add clusters |
A new user who is created in the system will automatically be able to see all the clusters, based on their authorization level | Fleet |
|
| Galooli Solution |
Galooli Manager Permission
In order to access the various menus in the "Manager" application, the user must have at least "Read-only" permissions, except for the following two menus that will remain accessible regardless of whether all menus are disabled:
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
Preferences | Disabled - The user will not see data about the Organization Preferences |
Manager application Preferences |
Read-only - The user may see data about the Organization Preferences | ||
Edit - The user may add/edit data of “My preferences” and “My Dimensions” menus only | ||
Full - The user may add/edit all the data about the Organization Preferences | ||
| Disabled - The user will not see data about the access and security |
Manager application Access & Security |
Read-only - The user may see data about the access and security | ||
Edit - User can only remove users from the blacklist | ||
Full - Users can see, edit, add and delete all the access and security data. Mandatory for “Reset All Passwords” tool. | ||
| Disabled - The user can not enter the Audit |
Manager application Audit |
Read Only - The user can enter the Audit menu but can not see the "Usage Report" button | ||
Edit - The user can enter the Audit menu and use the "Usage Report" option | ||
Full - The user can enter the Audit menu and use the "Usage Report" option | ||
Account Balance | Disabled - The user will not see data about the account balance | Manager application Account Balance |
Enabled - The user will see data about the account balance | ||
| Disabled - The user will be able to view the organizational information (in My Units and in the reporting), and to use the "KPI Breakdown". The user will not be able to change the values in the table. |
Manager application |
Read-only - same as Disabled | ||
Edit - in addition to the view, the user will be able to edit the organizational information (if it is not read only). | ||
Full - in addition to edit, the user can use the "Copy Settings" button. | ||
My Units
| Disabled - User will not see clusters data window and “INFO” window |
|
Read-only - User may see data about clusters | ||
Edit - User may edit data in clusters | ||
Full - Users can see, edit, add, clone, and delete data in clusters | ||
My Units
| Disabled - User will not see groups data window and “INFO” window |
|
Read-only - Users may see data about groups | ||
Edit - User may edit data in groups | ||
Full - Users can see, edit, add and delete data in the groups | ||
My Units
| Disabled - User will not see units data window and “INFO” window |
|
Read-only - User may see data about units | ||
Edit - It is possible to edit the data of the units, but not the names and the “X-Ray Definitions” menu. | ||
Full - User may edit existing data of the units including the unit name. Additionally, users will be able to add new units and delete existing ones. Users will be able to use bulk update feature to upload files as part of this service. | ||
My Users
| Disabled - The user will not be able to see any other users, only himself. It is possible for the user to change his own permissions but not choose the organizations |
Manager application
|
Read -only - The user is able to see data about all users but is not able to edit any of the data about them, only himself, and is not permitted to select organizations. | ||
Edit - The user has the permission to edit the data of the users and himself, but is not allowed to add or delete users, and is not permitted to edit organizations. | ||
Full - It is possible for users to view, edit, add, and delete data belonging to all other users and themselves, and permitted to select organizations for other users and him self. | ||
My Geofences
| Disabled - The user will not see the Geofences Management menu |
Manager application |
Read-only - Users may see data about the Geofence management | ||
Edit - User may edit Geofence data | ||
Full - User can see, edit, add and delete Geofence data | ||
My Assets
| Disabled - User will not see data about a assets |
Manager application |
Read-only - User may see data about a assets | ||
Edit - User may edit assets data | ||
Full - User can see, edit, add and delete assets data | ||
My Calibrations
| Disabled - The user will not see data about the calibrations | Manager application |
Read-only - The user may see data about the calibrations | ||
Edit - User may edit calibrations data | ||
Full - Users can see, edit, add and delete calibrations data | ||
My Contacts
| Disabled - The user will not see data about the contacts | Manager application |
Read-only - The user may see data about the contacts | ||
Edit - User may edit contacts data | ||
Full - Users can see, edit, add and delete contacts data | ||
My Versions | Disabled - The user will not see data about the version upgrades |
Manager application |
Read-only - Users may see data about the version upgrades | ||
Edit - User may see data and upgrade/abort versions | ||
Full - User may see data and upgrade/abort versions, User can request free version and can choose Ota and Ota Batch version | ||
My Digital Twin | Inactive at this time | Manager application |
My Automations
| Disabled - The user will not see data about the automation solution |
Manager application |
Read-only - The user can see the existing automations in the table and the logs but cannot edit them and cannot add/remove automations | ||
Edit - All capabilities except for "New" and "Remove" are enabled | ||
Full - All capabilities are available
| ||
My Service Logs
| Disabled - The user will not see the Activity tab |
Manager application
|
Read-only - User may see the data in the Activity tab | ||
Edit - User may edit data in the Activity tab | ||
Full - Users can see, edit, add and delete data in the Activity tab | ||
| Disabled - The user will not see data about the X-Ray applications. |
Manager application
|
Read-only - The user can view the X-Ray tables but cannot edit, add or remove tables. | ||
Edit - The user can edit existing X-Ray tables | ||
Full - In addition to edit, the user can add/ remove X-Ray tables | ||
Forms Gate
| Disabled - The user will not see data about the forms gate | Manager application Forms Gate |
Read-only - Users may see data about the forms gate | ||
Edit - User may cancel the requests for data change | ||
Full - User may cancel and approve requests for data change |
Galooli Pro Permission
In order to access the various menus in the "Pro" solution, the user must have at least "Read-only" permissions. The user will be able to see only the "Pro" solutions icon without those minimum permissions, however, the icon will be grayed out and not clickable.
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
| Disabled - The user will not see data about the Pro |
Pro |
Read-only/Edit/Full - The user may add/edit/delete all the data in the Pro application |
Galooli NOC Permission
In order to access the various menus in the "NOC" solution, the user must have at least "Read-only" permissions. The user will be able to see only the "NOC" solutions icon without those minimum permissions.
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
| Disabled - The user will not be able to access the NOC solution |
NOC |
Read Only - The user will be able to access the NOC solution and fully view all the alerts. The configuration tab will show but the user will not be able to change any detail. the user will not be able to clear nonactive alarms. | ||
Edit - The user can:
| ||
Full - The user will be able to make changes through the configuration tab |
Galooli Apps Permission
In order to access the various menus in the "Apps" application, the user must have at least "Read-only/Enabled" permissions. The user will be able to see only the "Apps" application icon without those minimal permissions.
Permission Name | Permission Purpose | Platforms where changes are reflected |
---|---|---|
| Disabled - The user will not see data about the power consumption | Apps |
Enabled - The user will see data about the power consumption | ||
| Disabled - The user will not see data about the colocation NOC | Apps |
Enabled - The user will see data about the colocation of NOC | ||
| Disabled - The user will not see data about the Grid Usage Report Read Only - The user will see data and can execute the report Edit - Same as read only Full - Same as read only |
|
| Disabled - The user will not see data about the CPH Report Read Only - The user will see data and can execute the report Edit - The user will see data and can execute the report Full - The user will see data and can execute the report |
Apps |
Grid Oracle | Disabled - The user will not see data about the Grid Oracle Read only - The user will see data and can execute the report Edit - The user will see data and can execute the report Full - The user will see data, execute the report and upload a file |
Apps |