Use Case

Bazefield offers fine-grained control over user access permissions in the portal through the roles and access features of the  User Manager application (typically found under Administration). In this example we will create a read only role.

Typical administrative 'super' users will have the default "Admin" root role applied (Role ID = 1). These super users would be able to edit and save dashboards, see all sites in the installation, all tags...they would have full access.


Prerequisites

To edit user permissions, must be using an Admin account. You must have the EditAccessPermissions permission as well as access to the User Manager in the Bazefield Portal.


Please read the following article to get an Overview of the Bazefield Object Security Model:

https://bazefield.freshdesk.com/a/solutions/articles/36000125703


Configuring User Access roles and views (dashboards)

Search or navigate to User Manager under Administration whilst logged into an Admin account.


start typing to search


In this example, we'll configure access on the following levels for a 'read only' view:

-Dashboard/app level

-Tag level



STEP 1: Create Users and/or Role from User Manager. 

Click the green ‘new’ button to create a user or role.

Making a separate role for each site in the fleet allows you to configure access from the user level on a site by site basis.




 One could create a sort of executive role with 'read only' access to all "Assets" at all sites.




STEP 2: Add individual users to the Role from User Manager > Users.

Edit the user’s roles with the “Assigned Roles” tab


Configure the assigned permissions of each role, hover over each permission to get a brief description:

Hovering over editbazetrend tells us it's required to add and remove tags from the trend tool.

Typical 'Read-only' role permissions could be set like this example user:



All other permissions:



STEP 3: Add access to each domain object to your newly created role.

User Manager > Access



Select the applicable Role(s) from the dropdown menu by clicking into the text box. Alternatively you can add additional access on an individual user level by finding the User.


"Find items" search bar:

Use the % wildcard to filter your search for tagnames of a site easily. Click the Search button anytime you make changes to repopulate the list of item names below.


Example: SITESHORTNAME-% will give you all tags that begin with that short name.

Use the checkboxes on the right to select relevant item(s) or further filter with “Has Access” and “No access”.



"Find items" filtering by object category:

Use the drop down menu or begin typing a category name to search/select item categories.


Example configuring tag access, an important step in any role/user creation.


Add access after selecting tags:



Object category selection quickstart:


Tag (most important, for trend tool and dashboards that require the tags)

Wind farm

Wind turbine

Turbine string


STEP 4: Configure the application and individual dashboard layers of the system.


Click Edit near the bottom of the navigation panel and then then click the edit button next to the relevant apps and dashboards. Use "Done" to save changes.

edit button changes to done when you click it 


Configure the access by adding the Role you just created in the Access and Permissions tab of each dashboard. Add to child items will add the same user/role to each child dashboard inside the parent.




STEP 5: Test by logging in with the username (with the roles applied). 

Add permissions to the role or checkaccess to the parent dashboard or app itself if you notice you're missing features/dashboards.