A flexible user management system that allows for customizable control over different Cavisson modules and features. For users seeking essential functionality, pre-defined roles with standard permissions are available. For greater flexibility, custom roles can be created to combine specific permissions, which apply to all features/sub-features of a particular type.

The user management feature is only accessible to those users who have been granted the necessary permission(s) under the Access Management section under Roles. The user management feature is divided into three sections:

Users - Allows you to add new users, edit/delete existing users and map these users to module wise permissions via groups
Groups - Used to map users to different sets of permissions, for e.g. a set of users can be mapped to the read only group which will just give the read/view permission to all users associated with this group and no write permission will be given.
Roles - Used to create a permission - module mapping which is then associated to a group. Roles are where a user can map a read or read/write permission with a Cavisson feature.

Across all the modules i.e. users, groups and roles, the following action(s) can be taken:

Search: Users can search through this button by giving a keyword.
Column Filter: Users can apply filters to each column for searching & filtering data.
Manage Column: In the "Manage" column, users can choose to show/hide a column and arrange the order according to their need.
Download: Used to download the tabular data in a chosen format of either Word, PDF, Excel, and/or CSV.

Furthermore, one can perform additional below actions by clicking on the icon against each column:

Move column left: Users can move the column to left.
Move column right: Users can move the column to right.
Insert to left: Users can add a column to the left by selecting a column name from the dropdown list
Replace column: Users can replace a column with another column from the dropdown list.
Hide column: Users can hide the selected column.

User

Create, edit and manage users via this section. Every user is associated with a group and all the group's permissions are inherited by the user for e.g. if you associate a user with the pre-defined Admin group, then all admin i.e. read/write permission across all Cavisson features will be given to this user. Two users are pre-bundled for carrying out different tasks and ease of onboarding:

cavisson - User with Admin level permission
guest - User with read-only permission.

Available Users.

The Available User window displays information about all the added users in a tabular format with the following columns:

Type: It shows the user type as either a system-created or a pre-bundled user (that is managed by Cavisson).
Name: Displays the name of the user.
Email: Lists the email address associated with the user.
Groups: Shows the group to which the user belongs.
Action: Users can perform different actions explained below.
- Edit: Users can edit their name, email, mobile number, and group by clicking the edit icon.
- Delete: The user can delete their account by clicking the delete icon.
- Change Password: Change a user's password by clicking the change password icon.

Add New User

To add a new user, click the icon . A new window will open, prompting the user to enter the following details:

Name - Name via which the users will log-in. A valid username is between 4-30 characters long & with no spaces allowed.
Email - Provide a valid email address.
Mobile - Enter a valid mobile number.
Group: Select at least one group which you want to map the user to. A user can belong to multiple groups and the group having the superior set of a permission will take precedence. For e.g. if you have mapped a user to two groups, one group that has read only permission for a feature and another with a read/write permission of the same feature, then the read/write permission will be granted to the user for that feature.
Password: password Must contain 8-64 characters including minimum 1 upper case, 1 lower case, 1 number and a special symbol amongst ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ ] ^ _ `{ | }~

Note:

Pre-bundled users cannot be changed/deleted.
All fields are mandatory except mobile.

Group

A group is a collection of users that simplifies access and permissions management within an organization. Groups can represent departments, teams, or other logical user groupings, such as Dev or QA. By associating users with a group, administrators can efficiently manage access and streamline permissions.Each group is mapped to at least one role.

Available Groups

The Available Groups section presents information in a tabular format with the following columns:

Type: It shows the category of the group i.e, system defined, user created or LDAP.
Group Name: Displays the name of the group.
Description: Provides a brief description of the group's purpose or function.
Roles: Indicates the role type, such as Admin, Standard, or Read-Only.
Action: User can perform different actions explained below.
- Edit: Users can edit their name, email, mobile number, and group by clicking the edit icon.
- Delete: The user can delete their account by clicking the delete icon.
- Change Password: Change a user,s password by clicking the change password icon.

Add New Group

To add a group, click the icon . A new window will open, prompting the user to enter the following details:

Group Name - Enter a valid group name and use this name to associate users to groups. A valid group name is between 4-30 characters.
Description - Enter the description for the group to detail the intent behind creating the group.
Roles - Associate the group with a pre-defined role so that all Cavisson feature permissions defined under roles are mapped with this newly created group. For e.g. if you map the read-only role to this group then all users belonging to this group will inherit the read only permission.

Note :

User can Import LDAP groups by clicking the icon. Do note that the import option will only be valid if the LDAP server settings are configured under Admin>LDAP Server Settings.
All fields are mandatory while adding a new group.

Role

A role is a set of permissions and capabilities assigned to a user, defining their level of access for Cavisson features. Roles determine what a user can read, modify, or manage across various tiers, projects, and features. There are three types of permissions that can be associated with a Cavisson feature:

Read Only: Whenever a read only permission is granted for a feature then the corresponding user inheriting this permission will only get the option to view the feature and not make any changes to the same like add, edit and/or delete.
Read/Write: As the name indicates, the read/write permission will allow corresponding users to view and make changes to an associated feature.
No Permission: Give the no-permission association when you do not want the user/role to have the permission to either view or edit a particular feature.

Three roles are pre-bundled in the product which creates ease of onboarding and provides a ready mechanism for you to associate your users with the required roles. These pre-defined roles are as follows:

Admin: This role, as the name suggests, has the read/write permission for all Cavisson features including account/project management, billing, access management, API keys etc.
Standard: The standard role has a restricted set of permissions but still provides additional permissions than the read only role in terms of viewing billing usage, viewing access management etc.
Read Only: Restricted set of permissions with no permissions given for critical features like billing, access management, account/project management and configurations across various modules.

Available Roles

The Available Roles section is displayed in a tabular format and includes the following columns:

Type: Shows the type or role i.e. whether it is created by the user or is a pre-bundled role managed by Cavisson.
Name: Displays the name of the role.
Description: Provides details about the role's permissions or purpose.
Number of Users: Shows the total number of users assigned to the role.
Action: User can perform different actions explained below.
- Copy: The user can create a copy of the selected role by clicking the copy icon.
- Edit: The user can edit the name, description, feature, project, and tier of the role by clicking the edit icon.
- Delete: The user can delete the role by clicking the delete icon.

Add New Role

To add a new role, click the icon , then specify the role's name and a description for the role.
- Feature: It displays a features permission table showing the feature name, sub-feature name, feature description, and permissions: Read/Write, Read-Only, or No Permission (explained earlier).
  - Copy existing permissions from pre-defined roles by selecting a role from the “Choose Role Template” dropdown and clicking on Apply. Once done, you will be able to see that the permissions associated with the predefined role will be applied on all the features/sub-features. Users can change the permission from the corresponding dropdown in the Permissions column in case any change is required.
- Project: The project permission table displays the project name, sub-project name, project permissions (Read/Write, Read-Only, or No Permission), and actions to edit or delete the project.
- Tier: With the tier level permission, you can allow or restrict users from seeing data of specific tiers depending upon your requirement. For e.g. you can allow your development team to view data only of the dev tier and your QA team to view data of the Testing tier.
  - Users have the flexibility to associate the tiers to a role via different mechanisms i.e. one can add all tiers to a role, add selected tiers via the multi select option or by providing a pattern. For e.g. giving the WebTier* pattern will allow this role to have access to all tiers starting with WebTier i.e. WebTier1,WebTier2,WebTier3 etc.

Note :

Users managed by cavisson can copy but are not able to edit and delete roles.