Permissions
WHO CAN DO WHAT
Permissions bind users to resources.
Overview
Each resource has an inherent set of roles it supports. For some, its a single role (e.g. SSH, you either can, or cannot, use). Others can be more fine grained (e.g. a Share can be Read-Only (Viewer) vs Read-Write (Editor). For Web Applications, these roles are user defined (e.g. Managing-Editor, Contributor in a web site).
A permission is the assigning of which user (or group) has which role in which resource.
Permissions are assigned under Access/Application Permissions (for web applications), and, Access/Resource Permissions (for all other resources such as a Share, Desktop, Launcher, etc.)
Application Permissions
To assign users (or groups) permissions to a web application, enter the ID (user email or group ID) on a new row, and then set the permission on each column.
Agilicus recommends using Groups (so assign users to the group, assign permissions to the group) as it reduces configuration requirements.
![Permissions 3 0f6acbbe image](https://www.agilicus.com/www/0f6acbbe-image-1024x437.png)
Resource Permissions
For resource permissions, enter a new user or group row, and then add each individual resource permission as a ‘chip’. Start by typing the resource name, and then select the role. The roles are often Owner (all permission) or Self (all permission).
![Permissions 4 f8200fe2 image](https://www.agilicus.com/www/f8200fe2-image-1024x587.png)
Diagnose User Permission Issues
To determine how an individual user might interact, you can use the Access/Audits menu. Enter a few letters of the user email and search. Below you will see the entire set of permissions, and, recently used access.
![Permissions 5 373c24cd image](https://www.agilicus.com/www/373c24cd-image-1024x951.png)