Information Security Analytics (ISA) uses a role-based user management mechanism. On installation, the system creates one default user, the ISA administrator. Also, when new users are added to the system they can be assigned the administrator permissions. The administrator role has access to the screens of the ISA interface and can perform all permitted Actions. There is also the concept of the "Owner" permission that applies to Projects, and Data Groups. The table below describes the resources that are assigned to the various roles in ISA.
TODO high level description of who does what. eg. admins use the Manager, and users create Projects for collaboration.
Resources Assigned to the Roles
A resource is the same thing as a web page, menu item or action that can be performed within the Information Security Analytics administration website.
Resource
Functionality
Admin
Owner
User
Projects
View Projects
X
Only projects they are Owner/Member of
Only projects they are Owner/Member of
Edit
X
X
Delete
X
X
Project Settings
X
Users
View
X
User sees list with no Add or Edit
User sees list with no Add or Edit
Add
X
Edit
X
User Groups
View
X
User sees User Groups they are member of with no Add or Edit
User sees User Groups they are member of with no Add or Edit
Add
X
Edit
X
Data Groups
View
X
User sees only data groups they are Owner or Member with no Add
User sees only data groups they are Owner or Member with no Add
Add
X
Edit
X
User can edit data groups they are an Owner of (legacy)
Sources
View
X
User can see list of sources they have access to or Owner of
User can see list of sources they have access to or Owner of
Add
Admin can add sources into any Data Group they are member of
User can add source into Data Groups they are Owner/Member of
User can add source into Data Groups they are Owner/Member of
Edit
X
Actions
X
User can only perform actions on Sources they are Owner of
User can only perform actions on Sources they are Owner of