Rulex Platform roles¶
The authorization process defines specific user permissions, outlining the actions allowed for each user within the system.
Rulex Platform authorization system is based on two different objects:
User or Group Permissions
User or Group Roles
Permissions control all the operations users or groups are allowed to do on Rulex Platform Resources or Environments. More information on their structure and configuration can be found on this page. Roles determine the level of ownership that users and the groups hold over the configuration of Rulex Platform. They regulate the list of configurations within the entire software that users or groups are allowed to change.
Roles delineate the specific functions a user can perform at a granular level, including operations related to filesystems and databases. The handling of roles varies between the standalone and cloud/server versions:
Standalone version: only one role is defined: the admin role. During the installation process, users are prompted to choose whether to install Rulex Platform for a single user or for all users on the machine (machine-wide installation). In the first case, the user is automatically designated the admin role. In the second case, the first user with machine administrator privileges to access the Rulex Platform is assigned the admin role. Other machine administrators can request the admin role, and multiple users can hold admin privileges simultaneously. This procedure of system elevation is performed by using the system elevation procedure, and is only accessible to users or groups with admin rights on the host machine.
Cloud/server version: here several roles are defined, and different role compositions can be tailored to each user. The first user to access the system is granted the Platform admin role, which is a composite role comprehensive of the whole list below. Unlike the standalone version, admin roles can be finely defined, as outlined in the table below, and assigned to specific users or groups.
Role
Name
The User or Group can configure
Platform Admin
platformadmin
whole Rulex Platform, which encompasses all other roles (File Admin + Db Admin + REST API Admin + Mail Admin).
File Admin
fileadmin
Rulex Platform internal file shares locations (for local, api, cache files).
Database Admin
dbadmin
Rulex Platform working database locations
REST API Admin
restapiadmin
Rulex Platform machine API users (For more information on create, delete, permissions, see also page: Configuring REST API users).
Mail Admin
mailadmin
Rulex Platform mail server system.
Role Manager¶
In the cloud/server version, roles are assigned across groups and users by using the Role Manager panel.
You can open the Role Manager by clicking on the User icon located on the right side of the main toolbar and by selecting the corresponding entry from the recently displayed context menu.
The panel consists of three sublists containing different roles, each represented by graphical chips.
Users can assign roles to other users or groups based solely on the roles they possess. As a result, the initial list on the left comprises the array of roles (composite or individual) held by the current user within the Platform.
As a first step, you need to select from the drop-down menu the user or group to which you intend to assign the roles.
Any of your role chips in the left list can now be dragged and dropped onto the central list and thereby the corresponding role can now be assigned to the selected final subject.
The third list is only provided for informational purposes. If a composite role has been moved and consequently assigned, the list on the right shows the complete expanded set of roles, promptly communicating the list of privileges acquired by the final user or group.