Access Control
Strict access control makes sure, that only experts are allowed to create and edit dashboards, while users can only view and analyse data of selected dashboards.
DaqMon supports multiple levels of Role-Based Access Control (RBAC):
System level: every user has a system role which defines what they can do (Admin, Expert, User)
Project level: a project is a group of multiple dashboards and you can restrict which users are allowed to see or edit the dashboards in the project
Dashboard level: for each dashboard you can override the default access-level from the parent project
User Management
DaqMon allows you to create as many users as you like. Users can log-in using their e-mail and password.
Each user has a system role (User, Expert or Admin).
System Roles
The 3 system roles (Admin, Expert, User) define which system features a user is allowed to access
User
The User has only basic permissions, e.g.
log-in/out
change their own settings
view only specific dashboards
Expert
In addition to the User permissions, an Expert is also allowed to
create new dashboards
delete dashboards
edit dashboards: rearrange/add/edit/delete visual controls, change the assigned permission groups
Admin
The Admin has full access permissions. In addition to the expert, the Admin is also allowed to
create new users
delete users
change the password of any user
view and change system settings: e.g. upload API-Keys, e-mail settings, etc.
create projects, dashboards, ..
Access Levels
Project Level
Admins can restrict user access per project.
In the example above, the user named Expert is not allowed to access the project (and thus any dashboards that belong to the project),
John Doe is a system Expert, but for this project, we have changed his access level to User, so that he is only allowed to view the dashboards in this project, but can not edit them.
The other 2 users keep their default system role.
Dashboard Level
For each dashboard we can further restrict access.
Note, that the user Expert, does not even show up in the user list of the dashboard, because we have already denied access for this user on the project level.
Frank and John Doe have User access on the project level, but we deny them access to this dashboard: i.e. they can view other dashboards in this project, but they will not see this one.