Skip to main content
Version: 4.2.5

Manage Access to iCore tools Based on User Roles

This topic explains how you can control which iCore tools a specific Administrator user role has access to in the Administrator interface (the "Tools" drop-down menu in the App header area, see Administrator GUI).

Access to tools is managed with cmdlets in the iCore.Administrator.Configuration module.

Adding rules for tools

Access to tools is controlled by adding or removing rules for each tool type. Each tool in the list below can be either included or excluded:

  • All
  • LocalSettings
  • Export
  • Import
  • CreateNewSystem
  • UpgradeSystem
  • iCorePowerShellConsole
  • RunComponentTool
  • CodeGenTool
note

"All" is a wildcard with the following effect:

  • included – all tools are available
  • excluded – no tools are available

Example: If "All" is set to included, but "Export" and "Import" are explicitly set to excluded, all tools except those two will be available in the menu.

What about the development tools?

Access to the Adapterflow Wizard, the Developer (Scripts), the Workflow Designer and Web API editor is controlled via User groups in the iCore system (permissions on entity level for Adapterflow, Scripts, Workflows and Web APIs respectively).

Examples

To make all tools except Export and Import available in the menu (for the "Administrators" user role):

Add-iCoreAdminRoleToolsRule -SiteName "My iCore Site" ` 
-Role "Administrators" `
-IncludedTools All `
-ExcludedTools Import,Export

This results in the following rule:

ToolIsIncluded
AllTrue
ImportFalse
ExportFalse

Parts of the rule can also be removed by running the Remove-iCoreAdminRoleToolsRule cmdlet, where the specified tool type is removed from the rule. Note that the tool is removed regardless if it has been set as included or excluded. 

To remove the exclusion of the Export tool from the above rule:

Remove-iCoreAdminRoleToolsRule -SiteName "My iCore Site" -Role "Administrators" -Tool Export

The rule is now:

ToolIsIncluded
AllTrue
ImportFalse

To see an overview of the rule applied to the "Administrators" role:

  Get-iCoreAdminRoleToolsRules -SiteName "My iCore Site" -Role "Administrators"

See Also

Managing roles and users