Skip to content

Administrators

Permissions allow you to control the actions a user can take and the pages of Management Console a user can see.

Navigate to Users > Admin Users > Administrators; this includes information on designating users with built-in or custom-defined roles. Refer to the Roles section for more details.

The following actions can be performed from the Administrators page:

  • Add Permission

  • Edit Permission

  • Delete Permission

Add Permission

Administrators can designate a user with built-in or custom-defined roles to enable that user as an Administrator of HyWorks.

To add a permission, follow the steps given below:

  1. Log in as Administrator with appropriate privileges.

  2. Go to Users > Admin Users > Administrators.

  3. Click Add Permission.

  4. Click User/Group in the User/Group tab. In the Available Client section, search for and select the user or group to whom the permission is to be assigned.

  5. Select Propagate to Child to propagate the permissions to the child organizations. The administrator will also be able to log in and perform administrative tasks on the child organization.

    Note

    Access to propagated permissions can be revoked later using the Restrict Access option or overriding its role.

  6. Click Next to assign a role to the permission.

  7. Select the role from the list. The list displays all the built-in and custom-defined roles.

  8. Select Propagate to Child to propagate the permissions to the child organizations.

  9. Click Save.

The permissions will be added and will be listed in the Administrators section.

Any user added to this role will be able to log in and manage the following organizations:

  1. Current organization where the role is defined.

  2. Child organizations if propagated.

Permission Propagation

Permission propagation refers to the inheritance of the parent organization's permission to its child organizations.

The option to enable propagation appears during the Add/Edit Permissions wizard.

For example, if permission is created for a user Admin1 at the parent organization with the Administrator role and the Propagate to child option is enabled, then user - Admin1 will have access to the root organization and all the child organizations with the administrator’s role.

Disable Propagation

Propagation can be disabled at:

  1. Parent level
  2. Child organization level

Disable Propagation at the Parent level: When performing Add/Edit Permissions operations in the parent organization, uncheck the Propagate to child option to disable propagation. Once unchecked, the Administrator will not have permissions for the child organizations.

Example: Refer to the image shown in the section Permission Propagation

  1. Create a Permission for the user Admin2 in the parent organization with the Propagate to child option unchecked. Log in to the Management Console with the user Admin2's credentials.

  2. The user Admin2 will have access to only the parent organization. They will not be able to see or enter other organizations.

Disable Propagation at the child organization level: Disable propagation at the child organization level by editing the permissions at the child organization level.

Example: Refer to the image shown in the section Permission Propagation

  1. Create permission for the user Admin3 in the parent organization with the Propagate to child option checked.

  2. Go to the child organization Org 1. Edit the permission for the user Admin3 and uncheck Propagate to child.

  3. Log in to the Management Console with the user Admin3.

The user Admin3 will be unable to see/modify organizations at Org 1.1 and Org1.2 since propagation is disabled in the organization Org 1.

Edit Permission

Permissions can be modified at the parent or child level. Depending on the level at which the permission is being invoked, some options are enabled or disabled.

Note

The currently logged-in user cannot modify its own permissions.

Edit Permission at the Parent (Definition) Level

  1. Log in to the organization where the permissions are defined and need to be modified, as an Administrator with the appropriate privileges on Permissions.

  2. Go to Users > Admin Users > Administrators section.

  3. Select any user that is an Administrator and click Edit.

  4. In the Change Access Permission dialog:

    1. Select a new role for the user.

    2. Enable or disable Propagation as required.

  5. Click OK to save the changes.

Role changes will come into effect immediately, while the propagation changes requires the user to log in to the system again.

Edit Permission at the Child Level

  1. Log in as the Administrator with appropriate privileges into the child organization.

  2. Go to Users > Admin Users > Administrators section.

  3. Select any user that is an Administrator and click Edit.

  4. In the Change Access Permission dialog:

    1. Select a new role for the user.

    2. Enable or disable Propagation as required.

    3. Uncheck Restrict Access if you do not want to disable Administrator access for this child organization.

  5. Click OK to save the changes.

Changes will be saved:

  1. Role changes will come into effect immediately.

  2. Propagation changes will come into effect from the next login event.

  3. Restrict Access changes will come into effect from the next login event.

  4. Once the permissions are modified at the child organization level, their parent level is changed to the current organization (child) and will become the object of that organization.

Restrict Access

The Restrict Access option is only available for propagated administrators at the child organization level. This feature can block the propagated administrator's access at the child organization level.

Example: Refer to the image shown in the section Permission Propagation.

  1. Create a Permission for the user User4 at the parent organization with the Propagate to child option checked.

  2. Edit the permission for the user User4 at the child organization Org2 with the Restrict Access option enabled.

  3. Log in to the Management Console with the User4 credentials.

  4. User4 will not be able to see/modify the organizations Org2 and Org2.1 since their access is restricted to those organizations.

Once the parent-level permission changes, changes made at the parent organization level will have no effect, so the properties should be modified at the parent level.

Delete Permissions

It is possible to delete permissions at the parent level:

Note

Users cannot delete their own permissions.

  1. Log in as the Administrator with appropriate privileges.

  2. Go to the Users > Admin Users > Administrators section.

  3. Select the administrator user to be deleted and click Delete.

  4. In the Confirm Action dialog, click Remove.

Permissions will be removed and not displayed in the permissions list, and the User will be logged out of the organization.

Permissions Overriding

Permission overriding can be done in the two ways:

  1. Permissions are defined at the parent organization level with propagation, and at the child organization level, they are redefined to have a new role:

    1. On the parent organization level, the user will have access per their defined role.

    2. The user will have access to the new role at the child organization level.

  2. Permissions are defined for a user group and then for the individual user as well:

    1. On the parent organization level, the user will have access according to their permissions, which override the permissions from the group.

    2. On the child organization level, access and privileges will be provided per the individual user’s permission.