search
Contact Uscybus.io

Roles

Define permission groups based on job functions and responsibilities.

In Connectware, roles are groups of permissions that can be assigned to multiple users. This simplifies user management by allowing administrators to define standard permission sets based on job functions or responsibilities, rather than configuring permissions individually for each user.

Each permission represents a specific access right to a resource, whether it is an MQTT topic or an HTTP endpoint, with clearly defined read and/or write capabilities.

hashtag
Roles View

The Roles View provides a comprehensive dashboard of all defined roles in your Connectware system and their associated permissions. This makes it easy to audit your access control structure and identify which permissions are assigned to each role.

  • To open the Roles View, click User and then click the Roles tab.

Roles View in Connectware
Roles View in Connectware

In this view, you can quickly identify:

  • All available roles in the system.

  • The specific permissions assigned to each role.

  • Which roles might need modifications based on your security requirements.

hashtag
Creating New Roles and Permissions

Creating roles allows you to define permission sets once and apply them to multiple users.

  1. In the Roles View, click Add Role to open the Create Role dialog.

Add Role button
Add Role button

  1. Enter a name for the new role.

  2. Optional: To assign a set of pre-defined permissions to the role, click the Copy Permissions field, select a permission, and click Add. You can repeat this step to assign multiple permission sets.

  3. Optional: To assign individual permissions, click the + button to open the Add Permission dialog.

  • Select the permission type: HTTP for accessing the REST API using HTTP clients or MQTT for accessing MQTT topics on CybusMQ.

  • In the Endpoint field, enter the resource path, which follows MQTT topic conventions. The specified topic can be a single topic or a wildcard. HTTP permissions for the resource path follow an MQTT topic structure. This means that you can use wildcards (# and +) in valid expressions, and paths must start with a leading slash (/).

  • Select the access type: read, write, or both.

  • Click Add to add the permission.

  1. Click Create. The dialog will close, and the new role will appear in the overview table.

hashtag
Changing Role Names

To change the name of an existing role:

  1. In the Roles View, click a role to open the Edit Role dialog.

  2. In the Edit Role dialog, enter a new role name in the Name field.

Edit Role dialog
Edit Role dialog

  1. Click Update to apply the changes. The dialog will close and the role name will be updated.

hashtag
Adding Permissions to Roles

You can add individual permissions directly to a role as needed.

  1. In the navigation panel, click User.

  2. In the Users and Roles View, click the Roles tab.

  3. In the Roles View, click the role to which you want to assign permissions. This opens the Edit Role dialog.

  4. In the Edit Role dialog, click the + button to open the Add Permission dialog.

  • Select the permission type: HTTP for accessing the REST API using HTTP clients or MQTT for accessing MQTT topics on CybusMQ.

  • In the Endpoint field, enter the resource path, which follows MQTT topic conventions. The specified topic can be a single topic or a wildcard. HTTP permissions for the resource path follow an MQTT topic structure. This means that you can use wildcards (# and +) in valid expressions, and paths must start with a leading slash (/).

  • Select the access type: read, write, or both.

  • Click Add to add the permission.

  1. Click Update. The dialog will close and the role is updated with the new permissions.

The updated role will immediately reflect the change, and all users assigned to this role will have the new permissions.

hashtag
Removing Permissions from Roles

When specific permissions are no longer needed, you can remove the corresponding endpoint them while keeping other permissions intact.

  1. In the navigation panel, click User.

  2. In the Users and Roles View, click the Roles tab.

  3. In the Roles View, click the role you want to modify to open the Edit Role dialog.

  4. Permissions are organized into tabs for HTTP and MQTT. Use the tabs to switch between and manage permissions for each protocol.

  5. In the list of assigned permissions, locate the permission you want to remove.

  6. To remove a permission, click its Remove button in the Action column of the permissions list.

  7. Click Update. The dialog will close and the role is updated.

The updated role will immediately reflect the change, and all users assigned to this role will lose the removed permission.

hashtag
Deleting Roles

To delete a role:

  1. In the Roles View, click the role that you want to delete to open the Edit Role dialog.

  2. Click the Delete button in the top right of the Edit Role dialog.

Delete Role button
Delete Role button

  1. Click Delete again to confirm. The role is deleted.

Delete confirmation
Delete confirmation
PreviousUser Session ExpirationNextPermissions

Last updated

Was this helpful?