User Management In Action
Setting up user management might be tricky. We'll walk through an example where users at different levels and oranisations are trying to access data from portal and manage things.
Consider an organisation where consignments of different clients move to different states. To start with, we have an account with superuser access.
For the above scenario, we will be setting the following user groups:
- Admin group - To access almost all permissions
- State level operation groups
- Internal teams managing consignments
- Client groups
- To have access of consignmets belonging to specific clients
- IT Management
- To add roles or manage users
- Audit group
- To check access logs for application
For each of these groups, we see what type of roles can be created and added to groups while creating them:
- Admin
- State Ops
- Client
- IT Management
- Audit
For this groups of users, we can create an
Admin role with the following permissions:| Permission\Type | Create | Read | Update | Delete |
|---|---|---|---|---|
| Geofences |  | | | |
| Trips | | | | |
| Logs |  | | | |
| Consignments | | | | |
| Devices | | | | |
| Groups | | | | |
| Roles | | | | |
| Clients | | | | |
We now go to User Groups to create a group using this role. Any user in this group will have the above permissions.
For this group of users, we can create a
We now go to
This means that for users in group created for a state 'S' in country 'C' can only see consignments that are either originating or going to the particular state.
State ops role with the following permissions:This role give access to consignment/devices data of only one single region (state level in a country).
we should check the
we should check the
Region checkbox.| Permission\Type | Create | Read | Update | Delete |
|---|---|---|---|---|
| Geofences | | | | |
| Trips | | | | |
| Logs | | | | |
| Consignments | | | | |
| Devices | | | | |
| Groups | | | | |
| Roles | | | | |
| Clients | | | | |
We now go to
User Groups to create a group using this role. We'll be asked to select a country and region from deopdowns when this role is selected for the group.This means that for users in group created for a state 'S' in country 'C' can only see consignments that are either originating or going to the particular state.
Origin and Destination automatically tagged while creating the consignment through Trips or address sent through API request.For client groups, we don't need to create any role. A default role is already present. We just need to create a client from the The default permissions of a client group are as following:
Client tab. This creates a client type group as well. Click on Manage Users and add users.This role give access to consignment/devices data of only one client.
| Permission\Type | Create | Read | Update | Delete |
|---|---|---|---|---|
| Geofences | | | | |
| Trips | | | | |
| Logs | | | | |
| Consignments | | | | |
| Devices | | | | |
| Groups | | | | |
| Roles | | | | |
| Clients | | | | |
This group might not need access to any consignment data.
We create a role with permissions to only
Now create a group with the created role.
We create a role with permissions to only
Roles and User Groups.| Permission\Type | Create | Read | Update | Delete |
|---|---|---|---|---|
| Geofences | | | | |
| Trips | | | | |
| Logs | | | | |
| Consignments | | | | |
| Devices | | | | |
| Groups | | | | |
| Roles | | | | |
| Clients | | | | |
Now create a group with the created role.
Audit group will be given only read access to everything possible.The permissions for
Audit role are as following:| Permission\Type | Create | Read | Update | Delete |
|---|---|---|---|---|
| Geofences | | | | |
| Trips | | | | |
| Logs | | | | |
| Consignments | | | | |
| Devices | | | | |
| Groups | | | | |
| Roles | | | | |
| Clients | | | | |
Now create a group with the created role.