Privileges themselves are access rights to the various administrative functions and services of MobileTogether Server. When a user logs in to MobileTogether Server (either via its Web UI or services interface), the user's access rights are determined by the user's privileges. Privileges are assigned to the user either directly or via roles, in the Users and Roles tab.
The available privileges are described below.
Any user having this privilege can create, delete and edit users and roles, their privilege assignments and passwords. This is an administrative privilege and should only be assigned to MobileTogether administrators. By default, only the user "root" possesses this privilege.
Any user having this privilege can change his own password. Users who do not have this privilege need to have their password set by a MobileTogether administrator. By default the "authenticated" role, and hence every user account except "anonymous", possesses this privilege.
Any user having this privilege can change permissions in the container hierarchy without needing "write" security permission. This allows MobileTogether administrators to regain access to resources accidentally rendered inaccessible. This is an administrative privilege and should only be assigned to MobileTogether administrators. By default, only "root" possesses this privilege.
Allows the user to use the password stored on the client. User does not need authentication.
By default users can only see log entries related to Configurations they have "read" access to. By granting this privilege a user can read all log entries, including those not associated with a specific configuration. By default, only "root" possesses this privilege.
Allows the user to view the cache overview on the server.
Allows the user to see the licenses overview on the server.
By default users will only see their own user account and any roles they are member of. By granting this privilege a user can read all defined users and roles. By default, only "root" possesses this privilege.
Allows the user to edit server settings.
Allows detailed workflow execution logging to files, if the "logging to file directory" option is enabled in the Logging group of the Settings dialog box.
Server statistics are tracked in an internal database, and can be read by opening the statistics.mtd solution. This privilege allows the user to read server statistics. Activate the feature by setting a non-zero number of days as the period for which statistics should be tracked. See the description of the Statistics setting for more information.
Allows the user with this privilege to have read/write access to databases on the server. (Write access is implicit, assuming that the server is accessed via an administrator port and the Manage server settings privilege has been granted). If this privilege has not been granted, the setting Server-side DB Connections is not displayed.
Allows the user with this privilege to read the global resource alias/configuration from the server.
Allows the user with this privilege to write/save the global resource alias/configuration to the server.
Allows a user to open a deployed MobileTogether design file from the server. The host login details are supplied by selecting the menu option File | Open from MobileTogether Server.
Allows a user to save/deploy a MobileTogether design file to the server. The host login details are supplied by selecting the menu option File | Deploy to MobileTogether server.
Allows the user having this privilege to run a simulation from the browser (and preview the result). Note the Back browser button returns you to the container view.