Operator Roles - Default Permissions

Operator Roles - Default Permissions

1.0 Introduction

There are several default operator roles in Borealis, each with default user interface settings and permissions.

By default, only System Owners and Super operators can add new operators and edit operator roles. However, an Operators Manager does, by default, have the ability to edit and remove existing operators.


New operator roles can also be added, for example; You could add an End User role. The following document explains how to add and edit operator roles: 

https://help.kerisys.com/portal/en/kb/articles/edit-roles

This document explains which user interface settings and permissions are enabled, by default for each of the operator roles.

Notes:
  1. Operator Roles have a role number assigned which determines what access the operator has. The lower the role number the more access. The System Owner is assigned a role number of -1, this number is reserved for the System Owner and cannot be changed or assigned to other operators. 
  2. Operators with the rights to add other operators can only create, change, or delete roles that have a level equal to or higher than their own.
  3. The permissions and settings noted below are the default settings. A System Owner and a Super user can edit the settings that apply to the operator roles. The only operator role that cannot be edited is the Owner role.

2.0 Default Operator Role Permissions

System Owner

An Owner operator, by default has all user interface permissions fully enabled by default, and the owner is the only operator that can make Borealis subscription payments or purchase additional items, such as operator Advance Permission.

Each system only has one Owner and the System Owner is the only person who can access the Subscriptions page. The System Owner can also transfer ownership to a different operator account.

Super Operator

A Super operator by default has all user interface permissions fully enabled by default, except for the ability to pay for Borealis subscriptions and a Super operator also cannot view billing history or access the Subscriptions page. A Super operator and the System Owner are also the only operators, by default, who can add additional operators or edit operator roles.

Notes
IMPORTANT NOTE: If the person installing the system will also be assisting with setting up cardholders, credentials and access rights or training the end user on these administrative tasks, they should be assigned the Super operator role and not the Installer Role.


Installer

An Installer operator, by default has all user interface permissions fully enabled by default, except for the following:
  1. Access Rights - Set to Read Only
  2. Cardholder Custom Field Templates - Set to Read Only
  3. Cardholders - Set to Read Only
  4. Credentials - Set to Read Only
  5. Operator Roles - Not Enabled/Displayed
  6. Operators - Not Enabled/Displayed
  7. Schedules - Not Enabled/Displayed
  8. Site Calendar - Not Enabled/Displayed
Typically an installer role will be assigned to an operator who will only be involved in adding, setting up and configuring the hardware.


Operators Manager

An Operators Manager role has limited permissions, by default. The Operators Manager role has the following default settings applied:
  1. Access Rights - Full Permissions
  2. Automation Rules - Not Enabled/Displayed
  3. Cardholder Custom Fields - Field Templates are Read Only
  4. Cardholders and Credentials - Full Permissions
  5. Communication Channels - Not Enabled/Displayed
  6. Controllers - Not Enabled/Displayed
  7. Custom Credential Formats - Not Enabled/Displayed
  8. Devices - Switch Tech - Not Enabled/Displayed
  9. Elevator Access Rights - Not Enabled/Displayed
  10. Elevator Facilities  - Not Enabled/Displayed
  11. Firmware Updating - Not Enabled/Displayed
  12. Holiday Types - Not Enabled/Displayed
  13. Holidays - Full Permissions
  14. Hub Log Uploads - Not Enabled/Displayed
  15. Hubs - Not Enabled/Displayed
  16. Input Control - Not Enabled/Displayed
  17. Inputs - Not Enabled/Displayed
  18. Live Events - Not Enabled/Displayed
  19. Operator Roles - Not Enabled/Displayed
  20. Operators - Can edit and delete existing operators
  21. Output Control - Not Enabled/Displayed
  22. OutputsNot Enabled/Displayed
  23. Panels Not Enabled/Displayed
  24. Readers Not Enabled/Displayed
  25. Reports - Full Permissions
  26. Schedules - Full Permissions
  27. Site Calendar - Not Enabled/Displayed
  28. Sites - Not Enabled/Displayed
  29. System Settings - Full Permissions

Sites Manager

The Sites Manager operator role, by default only has the ability to add new sites and view, update or delete existing sites. All other operator role permissions for the Sites Manager are not enabled or displayed.





    • Related Articles

    • Edit Operator Roles/Permissions

      1.0 Introduction The operator roles determine what areas of the user interface operators are able to access and administer after they have logged-in. By default, there are five different account roles; Owner, Super, Installer, Operators Manager and ...

    • Operator Role Definitions

      The following document explains what each of the default operator roles are in Borealis. A system has five operator roles but more roles can be added by a System Owner or Super user. Note: The definitions below summarize the purpose of each of the ...

    • Borealis - Operator Audits

      1.0 Introduction The Operator Audits features allows you to find out what administrative actions have been performed by a logged-in operator. For example, you can use it to find out which operator added or deleted a controller, enrolled or ...

    • Add a New Operator Account

      1.0 Introduction The following steps explain how to add a new operator to Borealis that will have rights to administer the Borealis system. Important Notes: - To add a new operator account you must ensure the new operator e-mail address is already ...

    • Operator Password Reset

      The following steps explain to reset your Borealis operator password: Visit keri.aetheros.net Click on Forgot Password? A password reset link will be sent to the registered e-mail address. Please allow a few minutes for the e-mail to arrive. From the ...