A user account is defined by a log-in name and password, and has a set of access rights associated with it. Users access MobileTogether Server for administrative purposes or as client end users.
Access rights are determined by the privileges a user is granted. A user receives privileges in the following ways: (i) privileges inherited from roles the user is a member of, (ii) privileges assigned directly to the user. A role is defined by a set of privileges. A role is either assigned privileges directly and/or inherits the privileges of another role that it is a member of. Privileges themselves are access rights to the various administrative functions and services of MobileTogether Server. Examples of privileges are: the right to manage server settings, to set a user's own password, to run simulations on the server.
Through the use of roles, user privileges can be defined in a hierarchical way. For example, the role of SimpleAdmin role could allow the privilege, Manage server settings. If AdvancedAdmin is a member of SimpleAdmin, it inherits the management of server settings, and could additionally be assigned the privilege, Maintain users, roles and privileges. The hierarchical chain can the be further extended. For a list of privileges, see Available Privileges.