TULIP DOCS (LTS4)specs/models/M_USER_ROLE
User Role
A user role determines what data in the system a user has access to and what changes they are permitted to make. There are two broad categories of user roles:
- Admin roles - these users can log into the admin console and make changes according to their specific role type. The admin roles:
- Account Owner - Has full access rights to all assets and account-level settings, and manages users
- Administrator - Has full access rights to all assets
- Connector Supervisor - Can build apps, and manage all connectors and connector functions
- Station Supervisor - Can build apps, and manage all stations, machines, machine data sources, and devices
- Tulip Tables Supervisor - Can build apps and manage all Tulip Tables
- Application Engineer - Can build apps
- Viewer - Can only view assets
- Operators - these users can log in to the Tulip Player and run Tulip apps.
| Account | Apps | Tables | Devices/Stations | Machines | Connectors | Analyses | Completions | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Update Account Settings (Update Logo, etc,) | Create/Update/Delete Approval Types | Deactivate User, Update User Info | Add User | Assign Role | Edit Role | Create | Read | Update | Delete | Approve New Versions | Create | Read | Update | Delete | Create | Read | Update | Delete | Create | Read | Update | Delete | OPC Connectors | SQL + HTTP Connectors | Create | Read | Update | Delete | Create | Read | Update | Delete | |||||||
| Create | Read | Update | Delete | Create | Read | Update | Delete | ||||||||||||||||||||||||||||||||
| Account Owner | X | X | X | X | X | X | X | X | X | X | x | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||
| Administrator | X | X | X | X | x | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||
| Operator | X - On Player Only | X- on Player Only | X | X- on Player Only | |||||||||||||||||||||||||||||||||||
| Application Engineer | X | X | X | X | x | X | X | X | X | X | X | ||||||||||||||||||||||||||||
| Station Supervisor | X | X | X | X | x | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||||||||||
| Tulip Table Supervisor | X | X | X | X | x | X | X | X | X | X | X | X | X | X | X | ||||||||||||||||||||||||
| Connector Supervisor | X | X | X | X | x | X | X | X | X | X | X | X | X | X | X | X | X | X | X | ||||||||||||||||||||
| Viewer | X | X | X | X | X | X | X | X | |||||||||||||||||||||||||||||||
| Viewer w/ Player Access | X (Tulip + Player) | X | X | X | X | X | X | X | X |
Tests
| ID | Name |
|---|---|
| QA-T17 | User Management : 09 - Login to /player using new badge ID |
| QA-T173 | SAML : 05 - Operators should not be allowed to login to Factory on SAML |
| QA-T177 | SAML : 08 - Operators whose role changes to Administrator in SAML should be promoted to Administrator in Tulip |
| QA-T178 | SAML : 07 - Administrators whose role changes to Operator in SAML should be demoted to Operator in Tulip |
| QA-T260 | User Roles : 01 - Account Owners can add other Account Owners |
| QA-T261 | User Roles : 03 - Account Owners can edit other users' profiles |
| QA-T262 | User Roles : 02 - Account Owners can create users |
| QA-T263 | User Roles : 04 - Account Owners should be able to deactivate/reactivate users |
| QA-T264 | User Roles : 05 - Administrators should not be able to manage users |
| QA-T265 | User Roles : 06 - Tulip Table Supervisors should not be able to manage connectors |
| QA-T266 | User Roles : 07 - Tulip Table Supervisors should not be able to manage the shop floor |
| QA-T267 | User Roles : 08 - Viewers should be unable to modify data in Tulip |
| QA-T332 | LDAP Tulip Managed : 02 - Users can log in via LDAP |