A user account is defined by a log-in name and password, and has a set of access rights associated with it. Users access MobileTogether Server for administrative purposes or as client end users.
Access rights are determined by the privileges a user is granted. A user receives privileges in the following ways: (i) privileges inherited from roles the user is a member of, (ii) privileges assigned directly to the user. A role is defined by a set of privileges. A role is either assigned privileges directly and/or inherits the privileges of another role that it is a member of. Privileges themselves are access rights to the various administrative functions and services of MobileTogether Server. Examples of privileges are: the right to manage server settings, to set a user's own password, to run simulations on the server.
Through the use of roles, user privileges can be defined in a hierarchical way. For example, the role of SimpleAdmin role could allow the privilege, Manage server settings. If AdvancedAdmin is a member of SimpleAdmin, it inherits the management of server settings, and could additionally be assigned the privilege, Maintain users, roles and privileges. The hierarchical chain can the be further extended. For a list of privileges, see Available Privileges.
A user is defined by a name-and-password combination. Users access MobileTogether Server in two ways:
Two special users are predefined:
A privilege is an activity that a user is allowed to carry out. There is a fixed number of MobileTogether Server privileges, and a user can be assigned zero to all of the available privileges. It is, however, good practice to assign privileges via roles (see next section), rather than to assign privileges directly to the user. The assigning of privileges and roles to a user is done by a user that has been assigned this privilege. Initially, it is root user that has this privilege.
The screenshot below shows all the available privileges.
The tab Users and Roles | Reports | Privileges Report provides a list of all privileges, with each privilege being listed together with all the users/roles that have that privilege.
A role defines a set of privileges. It can be assigned to another role or to a user. A role's privileges automatically become the privileges of any other role or any user that the role is assigned to. A user can be assigned any number of roles. As a result, a user will have all the privileges defined in the multiple assigned roles.
The following roles are predefined:
© 2019 Altova GmbH