Roles
Overview
Control Room utilizes an access control system based on Roles. Roles is a collection of Permissions. Roles represent the Permissions needed to access certain Control Room entities.
You can assign one or multiple Roles for Users to perform particular operations inside the Control Room. Since Users are not assigned permissions directly but only acquire them through Roles, managing access control involves setting appropriate Roles for Users.
Base Permissions
Each Role is associated with a combination of base permissions supported by IntelliBuddies. The base permissions supported by IntelliBuddies could be classified into multiple categories, as described in the table below. The categories and the sub-categories exactly match what you see in the UI.
Roles View
In the Roles page in the Control Room, you can select different views by choosing View from the Context Menu. You have the following viewing options.
| View | Description |
|---|---|
| All Roles | Shows System and Custom Roles as part of this Control Room. This is the default view. |
| System Roles | Shows a list of all the System Roles shipped by IntelliBuddies. |
| Custom Roles | Shows a list of all the Custom Roles created inside this deployment of Control Room. |
Access Controls
Users
| Permission | Description |
|---|---|
| Add User | Grants Permission to create a new User. |
| Edit User | Grants Permission to modify an existing User. |
| View User | Grants Permission to access and view existing Users. |
| Delete User | Grants Permission to remove an existing User. |
| Disable User | Grants Permission to deactivate an existing User. |
Groups
| Permission | Description |
|---|---|
| Add Group | Grants Permission to create a new Group. |
| Edit Group | Grants Permission to modify an existing Group, and by default, you can make changes to Groups that you own. |
| View Group | Grants Permission to access and view existing Groups. |
| Delete Group | Grants Permission to remove an existing Group. |
Roles
| Permission | Description |
|---|---|
| Add Role | Grants Permission to create a new Role. |
| Edit Role | Grants Permission to modify an existing custom Role; by default, you can change the Roles you created. |
| View Role | Grants Permission to access and view existing Roles. |
| Delete Role | Grants Permission to remove an existing custom Role. |
RPA
RPA Process
| Permission | Description |
|---|---|
| Create Process | Grants Permission to publish an RPA process into the Control Room. |
| Edit Process | Grants Permission to edit the published RPA process; by default, you can change the Processes you own. |
| View Process | Grants Permission to view the published RPA process; by default, you can view the Processes you own. |
| View Other Users Processes | Grants Permission to view all other User's published RPA processes. |
| Upload Process | Grants Permission to upload the published RPA process. |
| Download Process | Grants Permission to download the published RPA process. |
| Delete Owned Process | Grants Permission to delete the owned and published RPA process. |
| Delete Other Users Process | Grants Permission to delete an RPA process owned and published by another user. |
Job
| Permission | Description |
|---|---|
| Create a Job | Grants Permission to create a Job in the Control Room. |
| View Job Details | Grants Permission to view Job details in the Control Room. |
| Cancel a Job | Grants Permission to Cancel a Job execution in the Control Room. |
Smart Station
| Permission | Description |
|---|---|
| Register Smart Station | Grants Permission to register Smart Station in the Control Room. |
| Unregister Smart Station | Grants Permission to unregister Smart Station in Control Room. |
| View Smart Station | Grants Permission to view Smart Station in the Control Room. |
Buddies
| Permission | Description |
|---|---|
| Register Buddy | Grants Permission to register Buddy in the Control Room. |
| Unregister Buddy | Grants Permission to unregister Buddy in the Control Room. |
| Unregister Other Users Buddy | Grants Permission to unregister other users Buddy in the Control Room. |
| View Other Users Buddy | Grants Permission to view other users Buddy in the Control Room. |
| View Buddy | Grants Permission to view Buddy in the Control Room. |
BPA
BPA Process
| Permission | Description |
|---|---|
| Create Process | Grants Permission to publish and clone a BPA process into the Control Room. |
| Edit Process | Grants Permission to edit the published BPA process; by default, you can change the Processes you own. |
| View Process | Grants Permission to view the published BPA process; by default, you can view the Processes you own. |
| View Other Users Processes | Grants Permission to view all other User's published BPA processes. |
| Upload Process | Grants Permission to upload the published BPA process. |
| Download Process | Grants Permission to download the published BPA process. |
| Delete Owned Process | Grants Permission to delete the owned and published BPA process. |
| Delete Other Users Process | Grants Permission to delete a BPA process owned and published by another user.. |
| User can Undo Check Out Another User's Changes | Grants permission to undo Another user's changes for the published BPA process. |
Delegation
| Permission | Description |
|---|---|
| Create Delegation | Grants Permission to create Delegation of Task. |
| Edit Delegation | Grants Permission to edit Delegation of Task. |
| View Delegation | Grants Permission to view Delegation. |
| Delete Owned Delegation | Grants Permission to delete owned Delegation. |
| Delete Other Users' Delegation | Grants Permission to delete another user-owned delegation. |
| Create Delegation for Other Users | Grants Permission to create Delegation for other users. |
Process Instance
| Permission | Description |
|---|---|
| Initiate a Process Instance | Grants Permission to initiate a Process Instance. |
| Cancel a Process Instance | Grants Permission to cancel a Process Instance. |
| View Process Instance Details | Grants Permission to view Process Instance Details. |
Task
| Permission | Description |
|---|---|
| View Task | Grants Permission to view a Task. |
| Cancel Other Users Task | Grants Permission to cancel other users Task. |
| View Other User Task | Grants Permission view other user Task. |
| Reassign My Task | Grants Permission to reassign the assigned Task to another User. |
| Reassign Other Users Task | Grants Permission to reassign other users Task. |
Control Room
Trigger
| Permission | Description |
|---|---|
| Add Trigger | Grants Permission to add Trigger. |
| Edit Trigger | Grants Permission to edit Trigger. |
| View Trigger | Grants Permission view Trigger. |
| Delete Trigger | Grants Permission to delete Trigger. |
| Disable Trigger | Grants Permission to disable Trigger. |
Enterprise Variable
| Permission | Description |
|---|---|
| Add Variable | Grants Permission to add Variable. |
| Edit Variable | Grants Permission to edit Variable. |
| View Variable | Grants Permission view Variable. |
| Delete Variable | Grants Permission to delete Variable. |
List
| Permission | Description |
|---|---|
| Add List | Permission to add List is granted. |
| Edit List | Permission to edit List is granted. |
| View List | Permission to view the List is granted. |
| Delete List | Grants Permission to delete List. |
License
| Permission | Description |
|---|---|
| Manage License | Permission to allocate licenses, access app license summaries, review Integration Gateway service credits, and examine IntelliFlow prompt summaries. |
Features
| Permission | Description |
|---|---|
| Enable and Disable Features | Grants Permission to turn Control Room Features on or off. |
Audit Logs
| Permission | Description |
|---|---|
| View Audit Logs | Permission to View Audit Logs is granted. |
Email Templates
| Permission | Description |
|---|---|
| Add Email Template | Grants Permission to add Email Template is granted. |
| Edit Email Template | Grants Permission to edit Email Template is granted. |
| View Email Template | Grants Permission to view Email Template. |
| Delete Owned Email Template | Grants Permission to delete owned Email Template. |
| Delete Others Users Email Template | Grants Permission to delete other User-created Email Templates. |
Connection
| Permission | Description |
|---|---|
| Add Connection | Grants Permission to create a Connection. |
| Edit Connection | Grants Permission to edit Connection. |
| View Connection | Grants Permission view Connections. |
| Delete Connection | Grants Permission to delete a Connection. |
Recycle Bin
| Permission | Description |
|---|---|
| View Recycle Bin | Grants Permission to view Recycle Bin. |
| Restore Items | Grants Permission to restore Recycle Bin items. |
| Delete Recycled Items | Grants Permission to delete Recycle Bin items. |
Global Settings�
| Permission | Description |
|---|---|
| View Global Settings | Grants permission to view global settings. |
| Modify Global Settings | Grants Permission to modify global settings. |
System Roles
Control Room ships the following system roles by default.
| Role | Description |
|---|---|
| Administrator | A user with this Role can manage access control features like Users, Groups, and Roles. |
| RPA Designer | A user with this Role can design, publish, and manage the RPA processes inside the Control Room. |
| RPA Member | A user with this Role can initiate, execute, and monitor the RPA jobs. |
| BPA Designer | A user with this Role can design, publish, and manage the BPA processes inside the Control Room. |
| BPA Member | A user with this Role can initiate, execute, and monitor the BPA Process instances. |
| Maintainer | A user with this Role acts as an Automation manager for an Organization. Maintainer is an elevated role with access to all the Users and their corresponding entities. |
note
You can view the permissions associated with system roles, but you are not allowed to change those permissions. If the system roles do not satisfy your access control requirements, you can create a custom role.
System Roles Permission
| Permissions | Administrator | RPA Designer | RPA Member | BPA Designer | BPA Member | Maintainer |
|---|---|---|---|---|---|---|
| Users | ||||||
| Add User | Yes | No | No | No | No | No |
| Edit User | Yes | No | No | No | No | No |
| View User | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete User | Yes | No | No | No | No | No |
| Disable User | Yes | No | No | No | No | No |
| Groups | ||||||
| Add Group | Yes | No | No | No | No | No |
| Edit Group | Yes | No | No | No | No | No |
| View Group | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Group | Yes | No | No | No | No | No |
| Roles | ||||||
| Add Role | Yes | No | No | No | No | No |
| Edit Role | Yes | No | No | No | No | No |
| View Role | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Role | Yes | No | No | No | No | No |
| RPA Process | ||||||
| Create Process | No | Yes | No | No | No | No |
| Edit Process | No | Yes | No | No | No | No |
| View Process | Yes | Yes | Yes | No | No | Yes |
| View Other Users Processes | Yes | No | No | No | Yes | Yes |
| Upload Process | Yes | Yes | Yes | No | No | Yes |
| Download Process | Yes | Yes | Yes | No | No | Yes |
| Delete Owned Process | Yes | Yes | No | No | No | Yes |
| Delete Other Users Process | Yes | No | No | No | No | Yes |
| Job | ||||||
| Create a Job | Yes | Yes | Yes | No | No | Yes |
| View Job Details | Yes | Yes | Yes | No | No | Yes |
| Cancel a Job | Yes | Yes | Yes | No | No | Yes |
| Smart Station | ||||||
| Register Smart Station | No | No | No | No | No | Yes |
| Unregister Smart Station | No | No | No | No | No | Yes |
| View Smart Station | Yes | Yes | Yes | No | No | Yes |
| Buddies | ||||||
| Register Buddy | Yes | Yes | Yes | No | No | Yes |
| Unregister Buddy | Yes | Yes | Yes | No | No | Yes |
| Unregister Other Users Buddy | No | No | No | No | No | Yes |
| View Other Users Buddy | No | No | No | No | No | Yes |
| View Buddy | Yes | Yes | Yes | Yes | Yes | Yes |
| BPA Process | ||||||
| Create Process | No | No | No | Yes | No | Yes |
| Edit Process | No | No | No | Yes | No | Yes |
| View Process | Yes | No | No | Yes | Yes | Yes |
| View Other Users Processes | Yes | No | No | No | Yes | |
| Upload Process | Yes | No | No | Yes | Yes | Yes |
| Download Process | Yes | No | No | Yes | Yes | Yes |
| Delete Owned Process | Yes | No | No | Yes | No | Yes |
| Delete Other Users Process | Yes | No | No | Yes | No | Yes |
| User can Undo Check Out Another User's Changes | Yes | No | No | Yes | No | Yes |
| Delegation | ||||||
| Create Delegation | Yes | No | No | Yes | Yes | Yes |
| Edit Delegation | Yes | No | No | Yes | Yes | Yes |
| View Delegation | Yes | No | No | Yes | Yes | Yes |
| Delete Owned Delegation | Yes | No | No | Yes | Yes | Yes |
| Delete Other Users Delegation | No | No | No | No | Yes | Yes |
| Create Delegation for Other Users | No | No | No | No | No | Yes |
| Process Instance | ||||||
| Initiate a Process Instance | Yes | No | No | Yes | Yes | Yes |
| Cancel a Process Instance | No | No | No | No | No | Yes |
| View Process Instance Details | Yes | No | No | Yes | Yes | Yes |
| Task | ||||||
| View Task | Yes | No | No | Yes | Yes | Yes |
| Cancel Other Users Task | No | No | No | No | No | Yes |
| View Other User Tasks | No | No | No | No | No | Yes |
| Reassign My Task | No | No | No | No | No | Yes |
| Reassign Other Users Task | No | No | No | No | No | Yes |
| Trigger | ||||||
| Add Trigger | Yes | Yes | Yes | Yes | Yes | Yes |
| Edit Trigger | Yes | Yes | Yes | Yes | Yes | Yes |
| View Trigger | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Trigger | No | Yes | No | Yes | No | Yes |
| Disable Trigger | Yes | Yes | Yes | Yes | Yes | Yes |
| Enterprise Variable | ||||||
| Add Variable | Yes | Yes | Yes | Yes | Yes | Yes |
| Edit Variable | Yes | Yes | Yes | Yes | Yes | Yes |
| View Variable | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Variable | Yes | Yes | Yes | Yes | Yes | Yes |
| List | ||||||
| Add List | Yes | Yes | Yes | Yes | Yes | Yes |
| Edit List | Yes | Yes | Yes | Yes | Yes | Yes |
| View List | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete List | No | Yes | No | Yes | No | Yes |
| License | ||||||
| Manage License | Yes | No | No | No | No | No |
| Features | ||||||
| Enable and Disable Features | Yes | No | No | No | No | No |
| Audit Logs | ||||||
| View Audit Logs | Yes | No | No | No | No | Yes |
| Email Template | ||||||
| Add Email Template | No | Yes | No | Yes | No | Yes |
| Edit Email Template | No | Yes | No | Yes | No | Yes |
| View Email Template | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Owned Email Template | No | Yes | No | Yes | No | Yes |
| Delete Others Email Template | No | No | No | No | No | Yes |
| Connection | ||||||
| Add Connection | Yes | No | No | No | No | Yes |
| Edit Connection | Yes | No | No | No | No | Yes |
| View Connection | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Connection | Yes | No | No | No | No | Yes |
| Recycle Bin | ||||||
| View Recycle Bin | Yes | Yes | Yes | Yes | Yes | Yes |
| Restore Items | Yes | Yes | Yes | Yes | Yes | Yes |
| Delete Recycled Items | Yes | No | No | No | No | No |
| Global Settings | ||||||
| View Global Settings | Yes | Yes | Yes | Yes | Yes | Yes |
| Modify Global Settings | Yes | No | No | No | No | No |
Context Menu Options
The Control Room interface enables selecting the following Context Menu option based on the User's Permission on the Roles entity.
| Option | Description |
|---|---|
| View | You can view the permissions associated with the selected Role. |
| Edit | You can edit the permissions associated with the selected custom Role. |
| Delete | You can delete the selected custom Role. |
| Clone | You can clone the selected Role to create a new custom Role. |
| Audit | Displays the audit trail for this Role. |
Managing Roles
In most cases, the System Roles provided by the Control Room should be sufficient to handle an organization's typical access control requirements. If System Roles aren't adequate, you can create custom Roles.
Creating Custom Role
note
To create a new Custom Role, you must either be under the Administrator Role or hold the Add Role permission.
- Login into the Control Room
- Select Administrator > Roles option from side panel
- Click on Toolbar-Menu >
button - Type in the role name
- Describe this Role
- Click on the Next button to set required permissions
- Select the appropriate permissions to provide for this Role
- Click on Add
Setting Role Permissions
The Role page contains the following tabs:
- Basic tab - Specify a name for the Role and provide an appropriate description for your future reference here.
- Access Control – Select the appropriate permissions to manage Users, Groups and Roles.
- RPA – Select the permissions to manage the RPA Process, Jobs, Smart Station, and Buddies.
- BPA – Select the permissions to manage the BPA Process, Process Instance, Tasks, and Delegations.
- Control Room – Select the permissions to manage Triggers, Lists, Enterprise Variables, Licenses, Features, Recycle Bin, Global Settings, and Email Templates inside the Control Room.
Editing a Custom Role
- Login to the Control Room
- Select Administrator > Roles option from side panel
- Select the Custom Role to edit
- Right-click and select Edit
- Modify the Role Permissions
- Click on Update
Deleting a Custom Role
- Login to the Control Room
- Select Administrator > Roles option from side panel
- Select the Custom Role to delete
- Right-click and select Delete
- On confirmation, will delete the selected Role
note
Deleting a Role will remove this Role permissions from all the users associated with this Role.