The example is intended to show how ACL-based authorization can be implemented in Ticket management. The organizational roles shown must be created manually: Create role for facility.
User area A
Module role Ticket Management User: read
Authorizations: Area A — Own ticket: Create, read, modify
Rights of User area A:
Sees the Ticket management menu in the portal
Sees tickets from devices connected to area A or its subordinate facilities
Can read and change their own tickets in progress
Can read and change open tickets (not assigned) belonging to their own resolving group (including subgroups)
Can read and modify tickets belonging to their own escalation group
Can create tickets for devices connected to area A or its subordinate facilities
User area A admin
Module role Ticket Management User: read
Authorizations: Area A — Own ticket: Create, read, modify
Authorizations: Area A — Other ticket: Create, read, modify
Rights of User area A admin:
Sees the Ticket management menu in the portal
Sees tickets from devices connected to area A or its subordinate facilities
Can read and modify open and in-progress tickets
Can create tickets for devices connected to area A or its subordinate facilities
User area A expert
Module role Ticket Management User: read
Authorizations: Area A — Own ticket: Create, read, modify
Authorizations: Area A — Other ticket: Create, read
Rights of User area A expert:
Sees the Ticket management menu in the portal
Sees tickets from devices connected to area A or its subordinate facilities
Can only modify open tickets (not assigned) that belong to their own resolving group
Can only modify their own tickets in progress
Can only modify tickets that belong to their own escalation group
Can create tickets for devices connected to area A or its subordinate facilities
User area A–C admin
Module role Ticket Management User: read
Authorizations: Area A — Own ticket: Create, read, modify
Authorizations: Area A — Other ticket: Create, read, modify
Authorizations: Area B — Own ticket: Create, read, modify
Authorizations: Area B — Other ticket: Create, read, modify
Authorizations: Area C — Own ticket: Create, read, modify
Authorizations: Area C — Other ticket: Create, read, modify
Rights of User area A–C admin:
Sees the Ticket management menu in the portal
Sees all tickets of devices connected to areas A–C or their subordinate facilities
Can read and edit all open and in-progress tickets connected to areas A–C or their subordinate facilities
Can add tickets for devices connected to areas A–C or their subordinate facilities