Access Control List (ACL)

Note

Admins roles and permissions (ACL settings) are related only to Admin Cockpit admins

Open Loyalty platform uses roles and permissions to create different levels of access to the Admin Cockpit. When your platform is first installed, you receive a Super admin role that has full permissions and give you full administrative access.

However, you can restrict the level of permissions for other admin users, who work with you. For example, a customer service can given access to only the Customers, but not to areas with settings and earning rules.

Note

To give someone restricted access to the Admin, the first step is to create a role that has the appropriate level of permissions.

After the role is saved, you can add new admins and assign the restricted role to grant them limited access to the Admin.

If an Admin user’s access is restricted to specific sections and/or elements, the sections and elements for which they are not authorized will either not be visible to them, or grayed-out as inactive.

Admin Roles

Note

The grid lists all the existing roles. After the first is installed, Super admin is the only role available.

New role creation

To add new Role:

  1. Tap the Settings icon settings in the upper-right corner and choose ACL on the menu.
  1. To add a new role, tap Add Role
Add new role button Add new role
  1. In the Basic Information section enter a descriptive role Name.

4. Check if the role is set as Default. If a role is set as default, it will be assigned to any admin user created by logging in by LDAP.

  1. To assign resources and permissions level, do the following:
  • tap Add permission in Permissions field
  • set Access level of permissions to one of the following:
    • Modify
      user can do anything in platform specified sections and/or elements
    • View
      user can only read and display the platform specified sections and/or elements
  • in Resource field select from dropdown Admin Cockpit resource that the role can specified in previous step Access
Assigne resources
  1. Repeat step 4 to add access for additional resources assigned to the Role
  2. You can simply remove permission by clicking bin bin icon in a particular row
  1. When it is done, tap SAVE

The role now appears in the grid, and can be assigned to new user accounts.

ACCESS DESCRIPTION
View
Admins can view resources and their properties, to which they are
assigned
Modify
Admins can view and modify resources and their properties, to which
they are assigned, including adding, deleting and edit option
Not listed
Specifies that the permission type is not granted for the object.
Admin can not view or make any changes to the resources, if they are
not assigned to him.

To learn more about Role resources please find Role resources section

Warning

Remember that many resources are located in several sections within the Open Loyalty platform.

For example

the level details and their creation is done in the “Levels” section, but in the “Customers” sections there is also the possibility of preview and editing the assigned level.

Tip

When assigning resources, please be sure to include all sections containing resources to which user should have an access. Otherwise, admins will not be able to modify or view them all.

Admins roles management

To edit a Role:

Role edition mode
  1. Tap the Settings icon settings in the upper-right corner and choose ACL on the menu.
  1. In the Roles list, find the record to be edited and click Edit icon edit in the Action column to open the role in edit mode.
  1. Make any necessary changes to role details. If you change resources, make sure they have been assigned correctly

    You can simply remove permission by clicking bin bin icon in a particular row

To remove a Role:

You can also delete existing role from the Admin.

Warning

Default Super admin role can not be deleted

  1. Tap the Settings icon settings in the upper-right corner and choose ACL on the menu.
  1. In the Roles list, find the record to be deleted and click Remove icon remove in the Action column to delete the role
  1. System displays a message asked you to confirm the action. To confirm tap Yes
Removing Role Action
  1. When finished, tap SAVE

Warning

When removing role, please be sure to don’t delete role which is currently assigned to any user.

Otherwise, user will not be able to login to Admin Cockpit