Application Scopes for Users and features




Overview


In order to organize the different assets of the ProVConnect Server, such as users, Monitoring Rules and Automatic policies, the administrator must affect these items to a set of devices group on which they access or apply. This set of devices group is called the Application Scope.


Exemples :


This user can only access the devices inside the europe group



This Monitoring Rule can only be applied on the asia group


This Automatic Policy will execute itself on all the groups



Warning : Note that a device group can’t be deleted if at least one Monitoring Rule or Automatic Policy are deployed on it.



How the user scope interact with the rules and policies scope


According to differences in user scope and rule/policy scope, the user may be granted different rights.


Case 1 : The user has the full rights on a rule or an automatic policy










The scopes of the Monitoring Rule and the Automatic Policy are completely inside the User Scope. 

  • Therefore the user has the full rights on them.




Case 2 : The user has partial rights on a rule or an automatic policy










The scope of the User matches the scope of this Monitoring Rule and this Automatic Policy, but doesn’t fully contains their scopes. In this case

  • The user can Load/Unload the Monitoring Rule, but can’t edit or delete it.
  • The user can see the Automatic Policy, but can’t edit or delete it.




Case 3 : The user has no rights on a rule or an automatic policy


 








The scopes of the Monitoring Rule and the Automatic Policy doesn’t match the user scope. In this case

  • The user can’t see the Monitoring Rule on the server
  • The user can’t see the Automatic Policy

  



How the User Scope interact with Task Templates and Library File Scope

  

Case 1 : The user has the full rights on a library file or a task template

  • The user can edit and delete the items and modify their scope as well.
  • Those items can be loaded and interact with any devices within the user scope.

 

Case 2 : The user has partial rights on a library file or a task template 

  • The user can’t edit or delete the items and he can’t modify their scope as well.
  • Those items can be loaded and can interact with any devices within the user scope. Just like if the user has the full rights on it.

  

Case 3 : The user has no rights on a library file or a tak template


  • The user can’t see the task template at all.
  • The user can’t see the file as well.

   


How the User Scope interact with Conformity Template

  

Case 1 : The user has the full rights on a conformity template

  • The user can edit and delete the template at will.
  • They can be loadeed on any groups within the user scope.

 

Case 2 : The user has partial rights on a conformity template 

  • The user can’t edit or delete the template.
  • The user only can consult the result of the template on the devices of its scope.

  

Case 3 : The user has no rights on a library file or a tak template

  • The user can’t see the template at all.