It is important to ensure that any user accessing PCC is an authenticated user. Thus, PCC supports two factor authentications, that is, a user can be given access using Google email ID or PCC specific individual username can be created.
All authenticated users can perform tasks in PCC based on the roles assigned to them. Bluemeteor has a defined master list of privileges. This list is created and maintained by Bluemeteor which includes details about the privilege and a description of what each of these privileges allows the user to do in PCC. These privileges will be granted to users based on their roles.
A superuser role will be predefined which has all privileges. A SuperAdmin user will be predefined which is assigned to that superuser role. Thus, a superuser user will now have privileges to add new users to PCC and assign various roles to users.
NOTE | Users can view the privileges granted to them based on their roles. However, users can edit the privileges only if they have the permission granted for the same. |
To manage user roles and permissions, as you log into PCC, hover over to the upper-left corner and the following menu is displayed as shown in the following figure.
Click Security to perform various functions related to user roles and permissions as shown below.
The following table lists the privileges required to perform various functions related to security.
Table 36: User security related privileges
Privilege | Required to | Description | Prerequisites |
|---|---|---|---|
user_view | View all users | You can view all user’s information along with their granted privileges.. | |
user_add | Add new user | You can add a new user to the system. This privilege does not allow granting of roles to the newly added user. | user_view |
user_edit | Edit user information | You can change the name, email, password and security roles associated with the user. | user_view |
user_delete | Delete a user | You can delete the user from the PCC application. This user will no longer be able to log in to the PCC application. | user_edit |
role_view | View all security authorization roles | You can view all security authorization roles along with their granted privileges. | |
role_add | Add new security authorization role | You can add a new role to the system. This privilege does not allow granting of privileges to the newly added role and assigning users to this role. | role_view |
role_edit | Edit security authorization role | You can change the security privileges associated with the role. This will directly impact the authorization and accessibility of any existing user who is associated with the role being changed. | role_view |
role_delete | Delete security authorization role | You can delete the security authorization role from the PCC application. This will directly impact the authorization and accessibility of any existing user who is associated with the role being deleted. | role_edit |
*Prerequisites – This column lists the privileges that needs to be enabled first before granting the actual privilege
Let us understand how to add/edit/delete users/roles/user groups as well as grant roles and catalog level privileges in the following sections: