Creating and Managing Roles
Roles allow you to finely control access to the Lucidum system. A role is a set of permissions for tasks in Lucidum.
Lucidum includes default roles.
You can also create custom roles to meet your needs.
Default Roles
Lucidum includes default roles. You can use these roles and edit them to your specifications.
Admin. This role allows access to all permissions in Lucidum and is appropriate for the users who administer Lucidum.
Api_Users. This role is allows access to the Lucidum API.
IT Operations. This role is for IT and security operations staff.
Lucidum_Support (Lucidum internal role only). This is a role assigned to Lucidum support staff, to maintain customer systems.
The following sections describe the permissions assigned to each default role.
IT Operations
This role is for IT and security operations staff.
Name | Description |
PermissionManage | Read/Write access to assign permissions to roles |
RoleManage | Read/Write access to the Role Management page |
UserManage | Read/Write access to the User Management page (users can only change their own user settings) |
Read System Usage | Access to the resource usage monitoring under the System Stats page |
Read System Log | Access to the system event logs under the System Stats page |
Read License | Read access to the License page |
Start Runner | Deprecated |
Stop Runner | Deprecated |
Read DataQC | Access to the Data QC page |
Read Action | Read access to the Action page |
Write Actions | Read/Write access to the Action page (user can add or change action) |
Read Chart | Read access to the Home page |
Query Builder | Access to the Explore page (user can manage saved queries) |
Search | Access to the Explore page (user can submit and run queries) |
Front_Dashboard | Deprecated |
Front_Home | Can access the sub-menus under the Home menu in the left navigation bar |
Front_DataMapping | Deprecated |
Front_Dataqc | DEprecated |
Front_PythonRunner | Deprecated |
Front_License | Can access Settings > Field Management and Settings > Query Management |
Front_SystemStats | Deprecated |
Front_Settings | Can access the sub-menus under the Settings menu. |
Front_Usermanagement | Can access Settings > User Managemen |
Front_SystemSetting | Can access Settings > System Settings |
Front_FieldDisplay | Can access additional fields in Settings > Field Management |
Front_Connection | Deprecated |
Admin
This role allows access to all permissions in Lucidum and is appropriate for the users who administer Lucidum.
Name | Description |
|---|---|
PermissionManage | Read/Write access to assign permissions to roles |
RoleManage | Read/Write access to the Role Management page |
UserManage | Read/Write access to the User Management page (users can only change their own user settings) |
Read System Usage | Access to the resource usage monitoring under the System Stats page |
Read System Log | Access to the system event logs under the System Stats page |
Read License | Read access to the License page |
Start Runner | Deprecated |
Stop Runner | Deprecated |
Read DataQC | Access to the Data QC page |
Read DataMapping | Deprecated |
Write DataMapping | Deprecated |
Read Action | Read access to the Action page |
Write Actions | Read/Write access to the Action page (user can add or change action) |
Customized Query | Read/Write Access to the Lucidum support page for updating the UI back-end queries (not for normal users) |
Read Chart | Read access to the Home page |
Query Builder | Access to the Explore page (user can manage saved queries) |
Search | Access to the Explore page (user can submit and run queries) |
Modify License | Write access to the License page (user can upload and modify license) |
Front_Dashboard | Deprecated |
Front_Home | Can access the sub-menus under the Home menu in the left navigation bar |
Front_DataMapping | Deprecated |
Front_Dataqc | Deprecated |
Front_PythonRunner | Deprecated |
Front_License | Can access Settings > Field Management and Settings > Query Management |
Front_CustomizedQuery | Can access Settings > Customized Query |
Front_SystemStats | Deprecated |
Front_Settings | Can access the sub-menus under the Settings menu. |
Front_Usermanagement | Can access Settings > User Management |
API_Operator | Access to the Lucidum API |
Front_SystemSetting | Can access Settings > System Settings |
Schedule | Read/Write access to the query scheduling |
Front_FieldDisplay | Can access additional fields in Settings > Field Management |
Front_Connection | Deprecated |
TeamChannelAdmin | Create and manage the Team channel for Dashboards |
Api_Users
This role allows access to the Lucidum API.
Name | Description |
|---|---|
API_Operator | Access to the Lucidum API |
Lucidum_Support (Lucidum internal role only)
This is a role assigned to Lucidum support staff, to maintain customer systems.
Name | Description |
|---|---|
RoleManage | Read/Write access to the Role Management page |
UserManage | Read/Write access to the User Management page (users can only change their own user settings) |
Read System Usage | Access to the resource usage monitoring under the System Stats page |
Read System Log | Access to the system event logs under the System Stats page |
Read License | Read access to the License page |
Start Runner | Deprecated |
Stop Runner | Deprecated |
Read DataQC | Access to the Data QC page |
Read Action | Read access to the Action page |
Write Actions | Read/Write access to the Action page (user can add or change action) |
Customized Query | Read/Write Access to the Lucidum support page for updating the UI back-end queries (not for normal users) |
Read Chart | Read access to the Home page |
Query Builder | Access to the Explore page (user can manage saved queries) |
Search | Access to the Explore page (user can submit and run queries) |
Front_Dashboard | Deprecated |
Front_Home | Can access the sub-menus under the Home menu in the left navigation bar |
Front_DataMapping | Deprecated |
Front_Dataqc | Deprecated |
Front_PythonRunner | Deprecated |
Front_License | Can access Settings > Field Management and Settings > Query Management |
Front_CustomizedQuery | Can access Settings > Customized Query |
Front_SystemStats | Deprecated |
Front_Settings | Can access the sub-menus under the Settings menu. |
Front_Usermanagement | Can access Settings > User Management |
Front_SystemSetting | Can access Settings > System Settings |
Schedule | Read/Write access to the query scheduling |
Front_FieldDisplay | Can access additional fields in Settings > Field Management |
Front_Connection | Deprecated |
Creating a Custom Role
To create a custom role:
Navigate to Settings > User Management > Role.
Click New Role.
In the New Role modal page, enter the following:
Name. Enter a name for the custom role.
Permissions. Assign permissions to the custom role.
To assign a permission, click on its checkbox in the Available list and click the > arrow to move the permission to the Selected list.
To remove a permission, click on its checkbox in the Selected list and click the < arrow to more the permission to the Available list.
Data Sources. You can limit the data sources that a role can access.
If you do not select a data source, the role can access all data from all data sources, as defined by permissions.
To assign a data source to a role, click on its checkbox in the Available list and click the > arrow to move the permission to the Selected list.
To remove a data source from a role, click on its checkbox in the Selected list and click the < arrow to more the permission to the Available list.
Click Confirm to save the new role.
Editing a Role
You cannot edit the name of an existing role. But you can edit the permissions and the data sources associated with an existing role.
To edit an existing role:
Navigate to Settings > User Management > Role.
Find the role you want to edit. Click its Edit link.
In the Edit Role modal page, you can edit the permissions and data sources for the role.
To edit the permissions and data sources for a role:
Permissions. Assign permissions to the custom role.
To assign a permission, click on its checkbox in the Available list and click the > arrow to move the permission to the Selected list.
To remove a permission, click on its checkbox in the Selected list and click the < arrow to more the permission to the Available list.
Data Sources. You can limit the data sources that a role can access.
If you do not select a data source, the role can access all data from all data sources, as defined by permissions.
To assign a data source to a role, click on its checkbox in the Available list and click the > arrow to move the permission to the Selected list.
To remove a data source from a role, click on its checkbox in the Selected list and click the < arrow to more the permission to the Available list.
Click Confirm to save your changes to the role.
Deleting a Role
To delete a role:
Navigate to Settings > User Management > Role.
Find the role you want to edit. Click its Delete link.
All Permissions
The following table describes all the permissions you can assign to a role.
Name | Description |
|---|---|
PermissionManage | Read/Write access to assign permissions to roles |
RoleManage | Read/Write access to the Role Management page |
UserManage | Read/Write access to the User Management page (users can only change their own user settings) |
Read System Usage | Access to the resource usage monitoring under the System Stats page |
Read System Log | Access to the system event logs under the System Stats page |
Read License | Read access to the License page |
Start Runner | Deprecated |
Stop Runner | Deprecated |
Read DataQC | Access to the Data QC page |
Read DataMapping | Deprecated |
Write DataMapping | Deprecated |
Read Action | Read access to the Action page |
Write Actions | Read/Write access to the Action page (user can add or change action) |
Customized Query | Read/Write Access to the Lucidum support page for updating the UI back-end queries (not for normal users) |
Read Chart | Read access to the Home page |
Query Builder | Access to the Explore page (user can manage saved queries) |
Search | Access to the Explore page (user can submit and run queries) |
Modify License | Write access to the License page (user can upload and modify license) |
Front_Dashboard | Can access Home |
Front_Home | Can access the sub-menus under the Home menu in the left navigation bar |
Front_DataMapping | Deprecated |
Front_Dataqc | Deprecated |
Front_PythonRunner | Deprecated |
Front_License | Can access Settings > Field Management and Settings > Query Management |
Front_CustomizedQuery | Can access Settings > Customized Query |
Front_SystemStats | Deprecated |
Front_Settings | Can access the sub-menus under the Settings menu. |
Front_Usermanagement | Can access Settings > User Management |
API_Operator | Access to the Lucidum API |
Front_SystemSetting | Can access Settings > System Settings |
Schedule | Read/Write access to the query scheduling |
Front_FieldDisplay | Can access additional fields in Settings > Field Management |
Front_Connection | Deprecated |
TeamChannelAdmin | Create and manage the Team channel for Dashboards |