J
JOATOSIT Operations Platform
Browse documentation

Permission groups and access control

Administration

Permission groups give you fine-grained, per-module access beyond the three base roles. They're managed under Organization → Roles & Permissions (admin only).

How groups work

A permission group grants an access level per module:

  • None — no access
  • View — read-only
  • Write — read and edit

A user can belong to several groups, and their effective access is the highest grant across those groups. When a user is in at least one group, their group grants govern their access (rather than their base role).

Creating a group

  1. Select New Group and give it a name and optional description.
  2. Expand Module Permissions and set None / View / Write for each module (dashboard, devices, servers, assets, helpdesk, and so on).
  3. Save.

Edit a group to adjust its name or matrix; delete a group to remove the access it granted.

Assigning users

Add users to groups from the Members tab — a user's edit form has a Permission Groups section. A user picks up the union of all their groups' grants.

Notes & tips

  • Model groups on job functions (e.g. Help desk, Network read-only) and assign people to them, rather than hand-tuning each user.
  • Deleting a group removes the access it granted to its members — check who's affected first.

Related