Application Roles

Security Role List

N2ACD uses a granular list of roles that are mapped to user groups based on the authentication configuration for each of the application GUIs. For more information on how to map user groups to these roles, see the application security page.

Application Security Group Admin? Comment
Shared admin_read Y Read access to the entire application.
Shared admin_write Y Write access to the entire application.
Shared customer_read N Read access to customer data.
Shared flow_read N Read access to flow data.
Shared internal_user N Indicates an internal user (I.e. a user within the operator’s company).
Shared external_user N Indicates an external user (e.g. a wholesale user, agent or external customer user).
Shared report_execute:<report_tag_auth_group> N Read the report tag authentication group section.
Shared service_number_fields_read N Read access to service number fields that aren’t configured with a specific auth_group.
Shared service_number_fields_update N Write access to service number fields that aren’t configured with a specific auth_group.
Shared service_number_fields_read:<auth_group> N Read access to service number fields configured with the corresponding auth_group value.
Shared service_number_fields_update:<auth_group N Write access to service number fields configured with the corresponding auth_group value.
N2ACD Admin account_code_read N Read access to account code setting data.
N2ACD Admin account_code_write N Write access to account code setting data.
N2ACD Admin announcement_language_read N Read access to announcement languages data.
N2ACD Admin announcement_language_write N Write access to announcement languages data.
N2ACD Admin announcement_read N Read access to announcement data.
N2ACD Admin announcement_write N Write access to announcement data.
N2ACD Admin config_read N Read access to site-specific configuration data.
N2ACD Admin config_write N Write access to site-specific configuration data.
N2ACD Admin customer_write N Write access to customer data.
N2ACD Admin flow_node_restriction_read N Read access to flow node restriction set data.
N2ACD Admin flow_node_restriction_write N Write access to flow node restriction set data.
N2ACD Admin flow_node_type_read N Read access to enabled flow nodes data.
N2ACD Admin flow_write N Write access to flow data.
N2ACD Admin geography_read N Read access to geography data.
N2ACD Admin geography_write N Write access to geography data.
N2ACD Admin holiday_read N Read access to holiday data.
N2ACD Admin holiday_write N Write access to holiday data.
N2ACD Admin service_read N Read access to service number data.
N2ACD Admin service_write N Write access to service number data.
N2ACD Admin speed_dial_read N Read access to speed dial data.
N2ACD Admin speed_dial_write N Write access to speed dial data.
N2ACD Admin srp_read N Read access to SRF definition data.
N2ACD Admin srp_write N Write access to SRF definition data.
N2ACD Admin prefix_mapping_read N Read access to prefix mapping data.
N2ACD Admin prefix_mapping_write N Write access to prefix mapping data.
N2ACD Admin termination_number_range_read N Read access to termination number range data.
N2ACD Admin termination_number_range_write N Write access to termination number range data.
N2ACD Admin user_read N Read access to N2ACD user data.
N2ACD Admin user_search N Read access for searching users.
N2ACD Admin user_write N Write access to N2ACD user data.
N2ACD Admin report_read N Full administrative read access to report data.
N2ACD Admin report_write N Write access to report data.
N2ACD FE audit_read N See last change user and last change date information.
N2ACD FE audit_read_limited N See last change date information.
N2ACD FE customer_create N Write (create) access to customer data.
N2ACD FE customer_update N Write (update) access to customer data.
N2ACD FE flow_create N Write (create) access to flow data.
N2ACD FE flow_delete N Write (delete) access to flow data.
N2ACD FE flow_update N Write (update) access to flow data.
N2ACD FE external_id_read N Read access to external flow identifiers (MFIDs).
N2ACD FE external_id_update N Write access to existing external flow identifiers (MFIDs).
N2ACD FE alternative_number_read N Read access to alternative termination number activation.
N2ACD FE alternative_number_update N Write access to alternative termination number activation.
N2ACD FE alternative_flow_update N Write access to alternative flow change and activation.
N2ACD FE service_data_read N Read access to account code, geography, holiday, announcement, announcement language, speed dial, prefix mapping, and termination range data.
N2ACD FE service_number_read N Read access to service number data.
N2ACD FE service_number_create N Write (create) access to service number data.
N2ACD FE service_number_delete N Write (delete) access to service number data.
N2ACD FE service_number_update N Write (update) access to service number data.
N2ACD FE service_number_schedule_read N Read access to service number schedule data.
N2ACD FE service_number_schedule_update N Write access to service number schedule data.
N2ACD FE report_schedule_read N Read access to the list of their schedules for reports within the N2ACD-FE GUI.
N2ACD FE report_schedule_update N Create, update and delete access to the user’s own report schedules for reports within the N2ACD-FE GUI.
N2ACD FE report_execute N Adds the ability for the user to execute reports within the N2ACD-FE GUI.
N2ACD FE report_execute:<report_tag_auth_group> N Read the report tag authentication group section.
N2ACD FE flow_operation_update:<flow_node_type> N Read the flow operation update group section.

Minimum Role List

Each UI requires several roles to be granted to a user before usable access can be achieved. Without the minimum role list being granted, the user will be logged out automatically on attempting to log in - i.e. the user may be authorised, but due to missing roles, access to the UI will be rejected immediately.

Administration GUI

The minimum list of roles for an administration GUI user must include the following roles:

Each user must additionally be given one of the two roles:

Flow Editor GUI

The minimum list of roles for a flow editor GUI user must include the following roles:

Each user must additionally be given one of the two roles:

Flow Update Operation Group

N2ACD-FE supports granular controls for the update of singular node types within a flow.

For users that do not possess the flow_update group the flow_operation_update:<flow_node_type> group may be used.

Enabling a flow operation update group when flow_update is not present will allow users to make targeted changes to only the flow node types specified when editing a flow. When saving changed flows in this mode only the configuration changes for the changed node type will be persisted.

This allows for restricted editing such as restricting a user to only change AttemptTerminate node types within a more complex flow.

Available flow operation update groups:

Report Tag Authentication Group

To help restrict the viewing and executing of reports, the ability to assign reports via the authentication group was added. Assigning an authentication group with a valid report tag authentication group will allow the user (with said authentication groups) to be able to view reports assigned to the report tag authentication group.

The structure of the report tag authentication groups are as follows:

    <security_role>:<report_tag_auth_group>

Report Tag Auth Group

The report_tag_auth_group value is used to match again the system’s report tags, if a valid match is found then the user is able to see all reports assigned to the report tag matching the report_tag_auth_group.