(Click to open topic with navigation)
This topic lists all the permissions you can set when you configure roles in Viewpoint.
Permissions are stored in Moab Web Services. Any new permission you want to add to Viewpoint you must add through Moab Web Services. For more information, please see the "Permissions" resource section of the Moab Web Services Reference Guide.
The actual permission name will be in this format, corresponding with the attributes you define at permission creation in MWS: <type>.<resource>.<action> (for example, page.internalPage.read).
Use case
For example, say you want to create a custom navigation link to another internal web page and you only want "admin" role users to be able to see the link. Here's what you would do:
On the Edit Role page, permissions are grouped in the following categories. Each table lists the permission name and describes what the permission does. By default, all permissions are added to the delivered "
At any time, you can reset the default permissions to the delivered roles on the Set Viewpoint Defaults configuration page (for more information, see Resetting default roles and permissions).
Note that, depending on your type of suite, some permissions may not apply.
Accounting/accounts
Credentials
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read credentials | Permission to read credentials. | Read | credentials | Global |
Diag
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read diagnostics | Permission to read diagnostics. | Read | diag | Global |
Events
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read all events | Permission to read all events. | Read | events | Global |
Job-arrays
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create job arrays | Permission to create job arrays. | create | job-arrays | Global |
Jobs
Metric-types
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read metric types | Permission to read metric types | read | metric-types | Global |
Nodes
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read all nodes | Permission to read all nodes. | read | nodes | Global |
Notifications
Permissions
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create permissions | Permission to create permissions. | create | permissions | Global |
Delete permissions | Permission to delete permissions. | delete | permissions | Global |
Read permissions | Permission to read permissions. | read | permissions | Global |
Plugin-types
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create or update plugin-types | Permission to create or update plugin types. | update | plugin-types | Global |
Read plugin-types | Permission to read plugin types. | read | plugin-types | Global |
Plugins
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create plugins | Permission to create plugins. | create | plugins | Global |
Delete plugins | Permission to delete plugins. | delete | plugins | Global |
Read plugins | Permission to read plugins. | read | plugins | Global |
Update plugins | Permission to update plugins. | update | plugins | Global |
Principals
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create principals | Permission to create principals. | create | principals | Global |
Delete principals | Permission to delete principals. | delete | principals | Global |
Read principals | Permission to read principals. | read | principals | Global |
Update principals | Permission to update principals. | update | principals | Global |
Reports
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create reports | Permission to create reports. | create | reports | Global |
Delete reports | Permission to delete reports. | delete | reports | Global |
Read reports | Permission to read reports. | read | reports | Global |
Update reports | Permission to update reports. | update | reports | Global |
Reservations
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create reservations for any tenant | Permission to create reservations for any tenant. | create | reservations | Global |
Delete any tenant's reservations | Permission to delete any tenant's reservation. | delete | reservations | Global |
Read all reservations | Permission to read all reservations. | read | reservations | Global |
Update all reservations | Permission to update all reservations. | update | reservations | Global |
Resource-types
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read resource-types | Permission to read resource types. | read | resource-types | Global |
Roles
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create roles | Permission to create roles. | create | roles | Global |
Delete roles | Permission to delete roles. | delete | roles | Global |
Read roles | Permission to read roles. | read | roles | Global |
Update roles | Permission to update roles. | update | roles | Global |
Standing-reservations
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Read standing-reservations | Permission to read standing reservations. | read | standing-reservations | Global |
Tenants
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create tenants | Permission to create tenants. | create | tenants | Global |
Delete tenants | Permission to delete tenants. | delete | tenants | Global |
Read tenants | Permission to read tenants. | read | tenants | Global |
Update tenants | Permission to update tenants. | update | tenants | Global |
VCs
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Create virtual containers | Permission to create virtual containers. | create | vcs | Global |
Destroy virtual containers | Permission to delete virtual containers. | delete | vcs | Global |
Read virtual containers | Permission to read virtual containers. | read | vcs | Global |
Update virtual containers | Permission to update virtual containers. | update | vcs | Global |
Gadget
These permissions apply to the Viewpoint Homepage gadgets. For more information, see Homepage gadgets.
These permissions allow users to see certain gadgets on the Homepage. However, do not forget that the content displayed in gadgets is controlled by object permissions. As administrators give role permissions for gadgets, they must also apply the corresponding object permissions so that users can see the correct gadget information.
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Job Count |
Permission to view the Job Count gadget. (Administrators will want to add the corresponding Read all jobs object permission.) |
Read | -- | None |
Node Memory Dedication (Average) |
Permission to view the Node Memory Dedication gadget. (Administrators will want to add the corresponding Read all nodes or Permissions object permission.) |
Read | -- | None |
Node State |
Permission to view the Node State gadget. (Administrators will want to add the corresponding Read all nodes or Permissions object permission.) |
Read | -- | None |
Urgent Events Log |
Permission to view the Urgent Event Log gadget. (Administrators will want to add the corresponding Read all events or Permissions object permission.) |
Read | -- | None |
Page
These permissions apply to the pages in Viewpoint.
If a user tries to access a page that he or she does not have permission to view, Viewpoint will notify them with the following message:
"The page you requested could not be found by the server or you do not have the permissions necessary to view this page. Please contact your administrator for help."
Name | Description | Action | Resource | Scope |
---|---|---|---|---|
Configuration | Permission to access the Configuration page (for more information, see About configuration). | Read | -- | None |
Events | Permission to access the Event Log/Event Details pages (for more information, see About event log). | Read | -- | None |
Home | Permission to access the Homepage (for more information, see Homepage gadgets). | Read | -- | None |
Job Management | Permission to access the Job Management/Job Details pages (for more information, see About job management). | Read | -- | None |
Moab Accounting Manager | Permission to access the Accounting Manager page |
Read | -- | None |
New Reservation | Permission to access the New Reservation page (for more information, see Fields: New Reservation). | Read | -- | None |
Node Management | Permission to access the Node Management/Node Details pages (for more information, see About node management). | Read | -- | None |
Notification Management | Permission to access the Notification Management page (for more information, see About notification management). | Read | -- | None |
Reservation Management | Permission to access the Reservation Management/Reservation Details pages (for more information, see About reservation management). | Read | -- | None |
Role Management | Permission to access the Role Management page (for more information, see About role management). | Read | -- | None |
Submit Jobs | Permission to access the Submit Jobs page (for more information, see Submitting a job). | Read | -- | None |
Tenant Management | Permission to access the Tenant Management/Edit Tenant pages (for more information, see About tenant management). | Read | -- | None |
This section outlines which permissions are included by default in
All Viewpoint and object permissions are included in the
HPCUser role
The HPCUser role contains the following Viewpoint and object permissions:
Object permissions
Accounting | All permissions except for Quote usage-record |
Credentials | |
Events | Read all events |
Job-arrays | |
Jobs |
All permissions |
Metric-types | |
Nodes | |
Notifications | |
Resource-types |
Viewpoint permissions
Gadget | |
Page |
Related topics