Adjusting the rights of a role

• RADIUSdesk allows the admin of a cloud to be in one of three possible roles.
  • Admin
  • Operator
  • View
• The rights of the admin is dictated by the role they are in.
• This document will cover the technical details of RBA in CakePHP and also how to manage the rights for each role.

• Each controller in CakePHP has various methods that are called.
• These methods are recorded in a config file with the convention Rba + contoller name + .php.
• Refer to the RbaPermanentUsers.php here:

<?php
 
$config = [];
$config['RbaPermanentUsers'] = [
    'admin'     => ['*'],
    'view'      => [
        'exportCsv',
        'index',
       //'add',
       //'import',
      //'delete',
        'viewBasicInfo',
      //'editBasicInfo',
        'viewPersonalInfo',
      //'editPersonalInfo',
        'privateAttrIndex',
      //'privateAttrAdd',
      //'privateAttrEdit',
      //'privateAttrDelete',
      //'restrictListOfDevices',
      //'autoMacOnOff',
        'viewPassword',
      //'changePassword',
      //'emailUserDetails',
        'enableDisable',
 
        //Buttons
        //'btnRadius',
        //'btnGraph',
        //'btnByod',
        //'btnTopup',
    ],
    'granular'  => [
        'exportCsv',
        'index',
        'add',
        'import',
        'delete',
        'viewBasicInfo',
        'editBasicInfo',
        'viewPersonalInfo',
        'editPersonalInfo',
        'privateAttrIndex',
        'privateAttrAdd',
        'privateAttrEdit',
        'privateAttrDelete',
        'restrictListOfDevices',
        'autoMacOnOff',
        'viewPassword',
        'changePassword',
        'emailUserDetails',
        'enableDisable',
 
        //Buttons
        'btnRadius',
        'btnGraph',
        'btnByod',
        'btnTopup',
    ],
    'logActions'    => true,    //Flag to set if we want to actions logged
    'logExcludes'   => [
        'index'
    ]
];
 
return $config;
 
?>