Overview
opCharts 3 introduces a new authorization system for MSP's which runs in parallel to the original system, so there are 2 modes running in parallel. Administration of the new system can only be done by a user with opCharts admin access from the original authorization system.
The new authorization system works by assigning CRUD (create/read/update/delete) privileges for a resource (chart/map/business service) to a role. Users are given a role which allows them to perform the privileges assigned to the role.
The first step in configuring a new user is to create a role, then create a new user who has that role. Last, find a resource and give the role privileges to access it.
New User/Role mode
Roles
Each role represents a group of privileges which can have multiple users assigned to it. For example, a role might be named "Customer X View", which is given read permission to Map X, Chart Y and Business Service Z. Now any user assigned to the "Customer X View" role will be allowed to view each of those resources.
Create/Edit
Roles are created and updated from the GUI by using the "System->Roles" menu option, only administrators can create/update/delete roles.
Assign Privileges
To assign privileges to a role, navigate to a resource list (charts/maps/business services), select a specific resource checkbox from the grid and press the permissions button. A modal will appear listing the current permissions, press "+" in the top left corner, select the desired role and action and save.
Users
Users are given privileges by being assigned to a role. When the user logs in, they will be directed to a page showing resources they have access to. The Views GUI menu will show links to other resources they also have access to.
Create/Edit
Users are created and updated from the GUI by using the "System->Users" menu option, only administrators can create/update/delete users. Users must be assigned a role (make sure one exists before adding a new user).
Resources (charts/maps/business services)
Resources are the objects that privileges are granted on, these are the things you want users to see but you only want them to see the ones they have access to see.
Assigning privileges to resources is described in the Roles section.