A user role determines what data in the system a user has access to and what changes they are permitted to make. The resources that each role can access is detailed in the table below.
App Builder | Application Engineer | Approver | Account Owner | Workspace Owner | Administrator | Station Supervisor | Station Operator | Tulip Table Supervisor | Connector Supervisor | Viewer (with Player Access) | Viewer | Operator | |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Settings | |||||||||||||
Update Account Settings | X | ||||||||||||
Update Workspace Settings | X | X | |||||||||||
Manage Approval Types | X | X | |||||||||||
Users | |||||||||||||
Deactivate | X | X | |||||||||||
Edit | X | X | |||||||||||
Add | X | X | |||||||||||
Assign Roles | X | X | |||||||||||
Edit Roles | X | X | |||||||||||
Apps | |||||||||||||
Create/Restore | X | X | X | X | X | X | X | X | |||||
Read | X | X | X | X | X | X | X | X | X | X | X (Tulip and Player) | X (Tulip Only) | X (Player only) |
Update | X | X | X | X | X | X | X | X | |||||
Delete/Archive | X | X | X | X | X | X | X | X | |||||
Approve New Versions | X | X | X | X | X | X | X | X | |||||
Modify Permissions | X | X | X | X | X | X | X | X | |||||
Run Apps in Player | X | X | X | X | X | X | X | X | X | X | X | X | |
Test Apps in Dev Mode | X | X | X | X | X | X | X | X | X | ||||
Add Approvers | X | X | X | X | X | ||||||||
Tables | |||||||||||||
Create | X | X | X | X | |||||||||
Read | X | X | X | X | X | X | X | X | X | ||||
Update from Player | |||||||||||||
Update | X | X | X | X | |||||||||
Delete | X | X | X | X | |||||||||
Machines | |||||||||||||
Create | X | X | X | X | X | ||||||||
Read | X | X | X | X | X | X | X | X | X | X | |||
Update | X | X | X | X | X | ||||||||
Delete | X | X | X | X | X | ||||||||
Devices | |||||||||||||
Create | X | X | X | X | X | X | |||||||
Read | X | X | X | X | X | X | X | X | X | X | |||
Update | X | X | X | X | X | ||||||||
Delete | X | X | X | X | X | ||||||||
Stations | |||||||||||||
Create | X | X | X | X | X | X | |||||||
Read | X | X | X | X | X | X | X | X | X | X | |||
Update | X | X | X | X | X | ||||||||
Delete | X | X | X | X | X | ||||||||
OPC UA Connectors | |||||||||||||
Create | X | X | X | X | X | ||||||||
Read | X | X | X | X | X | X | X | X | X | X | |||
Update | X | X | X | X | X | ||||||||
Delete | X | X | X | X | X | ||||||||
SQL + HTTP Connectors | |||||||||||||
Create | X | X | X | X | |||||||||
Read | X | X | X | X | X | X | X | X | X | ||||
Update | X | X | X | X | |||||||||
Delete | X | X | X | X | |||||||||
Analytics | |||||||||||||
Create | X | X | X | X | X | X | X | X | X | ||||
Read | X | X | X | X | X | X | X | X | X | X | X | X | X |
Update | X | X | X | X | X | X | X | X | X | ||||
Delete | X | X | X | X | X | X | X | X | X | ||||
Completions | |||||||||||||
Create | X | X | X | X | X | X | X | X | X | ||||
Read | X | X | X | X | X | X | X | X | X | X | X | X | X |
Update | |||||||||||||
Delete | |||||||||||||
Player | |||||||||||||
Register a Player | X | X | X | X | X | ||||||||
Camera Configuration | |||||||||||||
Create | X | X | X | X | |||||||||
Read | X | X | X | X | |||||||||
Update | X | X | X | X | |||||||||
Delete | X | X | X | X | |||||||||
Vision Detector | |||||||||||||
Create | X | X | X | X | |||||||||
Read | X | X | X | X | |||||||||
Update | X | X | X | X | |||||||||
Delete | X | X | X | X |
ID | Name |
---|---|
QA-T17 | User Management : 09 - Login to /player using new badge ID |
QA-T173 | SAML : 05 - Operators should not be allowed to login to Factory on SAML |
QA-T177 | SAML : 08 - Operators whose role changes to Administrator in SAML should be promoted to Administrator in Tulip |
QA-T178 | SAML : 07 - Administrators whose role changes to Operator in SAML should be demoted to Operator in Tulip |
QA-T260 | User Roles : 01 - Account Owners can add other Account Owners |
QA-T261 | User Roles : 03 - Account Owners can edit other users' profiles |
QA-T262 | User Roles : 02 - Account Owners can create users |
QA-T263 | User Roles : 04 - Account Owners should be able to deactivate/reactivate users |
QA-T264 | User Roles : 05 - Administrators should not be able to manage users |
QA-T265 | User Roles : 06 - Tulip Table Supervisors should not be able to manage connectors |
QA-T266 | User Roles : 07 - Tulip Table Supervisors should not be able to manage the shop floor |
QA-T267 | User Roles : 08 - Viewers should be unable to modify data in Tulip |
QA-T308 | 09: User permissions get checked when viewing video |
QA-T332 | LDAP Tulip Managed : 02 - Users can log in via LDAP |
QA-T636 | Workspaces : 01 - Login with different roles |
QA-T655 | LDAP Tulip Managed : 02 / Operators can't log into Factory via LDAP |
ID | Requirement |
---|---|
28 | Provide a method for defining privileges to Master Data access and modification by role at element level. Eg. configuration of role or user group for a App or App component and what privileges they have such as view, comment, edit, approve, etc. |
34 | System date and time cannot be changed by users during normal operation and production execution. Only admin with appropriate privileges can change system date and time. |
47 | Manage access to system administration and maintenance functions to users with appropriate privileges |
810 | Provide managed authorized access to all records and electronic signatures including data, information, configurations, and data files. |
821 | Ability to define access security levels for records and electronic signatures. Ie. user groups and user roles and their associated priveleges to system resources and data |
842 | Support specific number of concurrent users as defined by customer license agreements and SLAs |