Platform Roles and Granular Permissions

Owned by Oscar Prom
Last updated: Jan 26, 2023 by Michael Pflueger
3 min read

Platform Roles

Roles describe what actions each user has permission to do within the level in which they have access. There are three different roles a user can have:

  • Manager - Can manage user access and all aspects of organizations, sites, and exhibits

  • Developer - Can view organizations/sites and can develop exhibits

  • Viewer - Can only interact with existing exhibits

Each newly created organization or site user has the “Viewer” role as default, but this role can be changed via the Organization, Site, or Exhibit screen (depending on the user level).

Permission by User Role

Manager

Developer

Viewer

Permission by User Role

Manager

Developer

Viewer

Add new users to Gumband and edit users' roles

 

 

Create, rename, and delete exhibits and hardware

 

Create, rename, and delete sites (must be Org-level role)

 

 

Create exhibit and hardware auth tokens

 

Delete exhibit and hardware auth tokens

 

 

Change exhibit operation mode and hardware debug mode

 

Create, edit, and delete scheduled exhibit events

 

View, edit, or trigger exhibit real time signals and hardware peripheral properties

View exhibit and hardware logs and reports

Restricting Sites or Exhibits

By default, if a user is added to the organization, they will also be added to all sites and exhibits within that organization. This includes any future sites or exhibits that are created. Organization users can be manually removed from a site or exhibit to restrict access.

Similarly, if a user is added to the site, they will also be added to all exhibits within that site. This includes any future exhibits that are created. Site users can be manually removed from an exhibit to restrict access.

Adding an Organization User

Navigate to the Organizations tab from the Gumband landing page
Select an organization and open the Users tab

Granular Exhibit User Permissions

For each exhibit, user permissions for the real-time signals of that exhibit can be granularly customized. By default, all platform roles can manipulate the real-time signals.

Expand a user on the “Users” tab within an exhibit to show all of the real-time signals (statuses, settings, and controls) for an exhibit. For each item, you can set the permission per user to:

  • Hidden - that field will not be visible in the UI for that user

  • Read Only - the field will be visible for that user, but the value is not editable

  • Read and Write - the field will be visible for that user and the value will be editable