Roles and Permissions¶
Vilocify has two permission concepts: one for general access to the application with roles user and admin, and one for access to monitoring lists (through subscriptions) with roles owner and reader. The following describes how the roles generally interact and what permissions they entail.
- The user role can
- Create monitoring lists
- See monitoring lists they are subscribed to (including all child dependencies, and recursively all descendants)
- Modify monitoring lists if they are subscribed as owner to the list (including creating and modifying monitoring list dependencies to lists they can see)
- Create and modify own component requests
- See own component requests
- See any notification and any component
- See all memberships of their organization
- Create API Tokens
- The admin role can do everything the user role can, and additionally:
- See all monitoring lists in the organization, even if not subscribed on the list
- Modify monitoring lists, even if not subscribed to the list
- Invite users into the organization
- See and modify any component request of the organization, even if not the author of the request
Note
API Tokens always have the same permissions as the membership who created it.