Skip to content

Roles

Roles allow you to control access to the HyWorks and define the privileges that the user is going to have on the HyWorks/HyLabs resources.

You can check the list of the pre-defined roles and add custom roles from the Users > Admin Users > Roles page.

Roles are critical for organizational access and are accessible to the Super Administrator only. Based on access, roles can also be classified into HyWorks roles and HyLabs roles.

Built-in Roles

The following pre-defined roles are available in HyWorks configurations. This section covers HyWorks management roles, whereas HyLabs roles are covered in the Reservation Management guide.

  1. Super Administrator

  2. Administrator

  3. Helpdesk

  4. Read-only

  5. Session Recording Auditor

The following pre-defined roles apply to HyLabs users but are managed from HyWorks:

  1. Reservation Administrator

  2. In-charge

  3. Assistant

  4. Participant

Super Administrator

  1. The Super Administrator can be defined only during installation.

  2. The Super Administrator role can not be modified or deleted.

  3. No user other than the local user or group defined as the Super Administrator during installation can be assigned a Super Administrator role.

  4. A Super Administrator is, by default, propagated to the child organizations.

  5. A Super Administrator has all the configurational access in HyWorks, including the system-level configurations.

Administrator

  1. Users with this role do not have access to the system-level configurations.

  2. The Administrator (predefined) role cannot be deleted, but the user with the Administrator role can be removed.

  3. The Administrator user/group permissions can be overridden at the child organization level by assigning a different role to this user.

Helpdesk

  1. The level-3 Administrator role requires writing access to the limited modules.

  2. The Helpdesk (predefined) role cannot be deleted, but the user with the Administrator role can remove this user.

  3. The Helpdesk user/group permissions can be overridden at the child organization level by not propagating to the child organizations or by assigning a different role to this user.

Read-Only

  1. Users in this role have view-only permissions for the limited modules.

  2. Predefined role in HyWorks which cannot be deleted.

  3. Read-only user/group permissions can be overridden at the child organization level by assigning a different role to this user.

Session Recording Auditor

  1. Only Session Recording Auditor role users have permission to play session recordings.

  2. Users with this role do not have access to the system-level configurations.

  3. The Session Recording Auditor (predefined) role cannot be deleted, but the user with the Session Recording Auditor role can be removed.

  4. The Session Recording Auditor, user/group permissions, can be overridden at the child organization level by assigning a different role to this user.

Roles Management

The following actions can be performed from the Users > Admin Users > Roles page:

  1. View Role privileges
  2. Add Role
  3. Edit Role
  4. Delete Role - Select the custom-defined role you want to delete and click Delete.

View Privileges

To view the associated privileges of any role, follow the steps below:

  1. Go to Users > Admin Users > Roles.

  2. Click Role to view its privileges. You will be navigated to the Privileges page that displays HyWorks resources and associate permissions of that role.

Add Role

  1. Log in as a Super Administrator.

  2. Go to Users > Admin Users > Roles and click Add.

  3. Enter the following details in the wizard:

    1. Enter the Name for a new role.

    2. Describe the role if required.

    3. Select the Status to activate the role. If you do not activate the role, it will not appear on the Permissions page.

    4. Select a Role Classification, i.e., Administrator, HyLabs-Incharge, HyLabs-Assistant or HyLabs-Participant.

    Role classification determines the basic level of access in HyLabs For example, a role classified as In-charge will also have the permissions of that of an In-charge.

    1. Select appropriate resource privileges for the new role.

    Note

    Privileges for the system-level resources should not be given to the custom role and should be kept for the Super Administrator only. These resources or configurations are critical to the whole system.

  4. Click Add to save the new role. The role will be displayed in the list of roles and can now be assigned to users from the Permissions page. <!--1. Privileges on the resources at the system level cannot be given to custom roles and will appear disabled; examples of such resources are:

    1. Role Management

    2. Client Software Settings

    3. Server Configurations

    4. HyWorks Controller

    5. Backup and Restore

    6. License Management

    7. RDP Proxy Settings

    8. SMTP Configuration -->

Edit Custom Role

  1. Log in as the Super-Administrator and go to Users > Admin Users > Roles.

  2. Select the role to edit and click Edit.

  3. In the wizard, modify the fields as required and click Update.

The new privileges will come into effect at the next login.

Delete Custom Role

Prerequisite

The role you want to delete should not be associated with any permissions.

  1. Log in as the Super-Administrator and go to Users > Admin Users > Roles.

  2. Select the role to delete and click Delete.

  3. The Confirm Action dialog will be displayed; click Delete to continue deleting the role.