Skip to content

Latest commit

 

History

History
54 lines (37 loc) · 6.47 KB

upgrade-admin-services-roles-guide.md

File metadata and controls

54 lines (37 loc) · 6.47 KB
Raw

Adapting Changes in Administration Roles

Below is the list of admin roles:

  • GLOBAL_ADMIN
  • ZONAL_ADMIN
  • REGISTRATION_ADMIN
  • MASTERDATA_ADMIN
  • KEY_MAKER
GLOBAL_ADMIN ZONAL_ADMIN REGISTRATION_ADMIN MASTERDATA_ADMIN KEY_MAKER
Centers Centers Packet Status Devices GenerateMasterKey
User Zone Mapping Devices Pause/ Resume RID Machines GenerateCSR
All Master Data Machines Retrieve Lost RID All Master Data GetCertificate
Masterdata Bulk Upload User Zone Mapping Packet Bulk Upload Masterdata Bulk Upload UploadCertificate
Packet Bulk Upload User Center Mapping UploadCertificate GenerateCSR UploadOtherDomainCertificate
GenerateCSR All Master Data Upload OtherDomainCertificate Devices
GetCertificate Masterdata Bulk Upload Machines
UploadCertificate GenerateCSR
Upload OtherDomainCertificate UploadCertificate
Upload OtherDomainCertificate
Packet Bulk Upload

Here:

Green- colored represent persisted roles.

Blue- colored cells represent newly added roles.

Red- colored cells represent removed roles.

How to adjust the role accessibilities for existing users after upgrading to 1.2.0.1-x from 1.1.5.5-P1?

For a user having GLOBAL_ADMIN role:

  • If a GLOBAL_ADMIN user is performing Certificate related operations then KEY_MAKER role need to be added to that user.
  • If a GLOBAL_ADMIN user is performing Packet Bulk Upload then REGISTRATION_ADMIN role need to be added to that user.

For a user having ZONAL_ADMIN role:

  • If a ZONAL_ADMIN user is performing Certificate related operations then KEY_MAKER role need to be added to that user.
  • If a ZONAL_ADMIN user is performing Packet Bulk Upload then REGISTRATION_ADMIN role need to be added to that user.

For a user having REGISTRATION_ADMIN role:

  • If a REGISTRATION_ADMIN user is performing Certificate related operations then KEY_MAKER role need to be added to that user.

For a user having MASTERDATA_ADMIN role:

  • If a MASTERDATA_ADMIN user is performing GenerateCSR then KEY_MAKER role need to be added to that user.
  • If a MASTERDATA _ADMIN user is performing Packet Bulk Upload then REGISTRATION_ADMIN role need to be added to that user.

Note: A few new permissions were added to MASTERDATA_ADMIN and KEY_MAKER roles, please refer to the above role matrix table and if there is any inconsistency in the accessibility or roles of existing user, please reassign the roles to the user accordingly.