Botfront.
Β Github
Getting Started
Configuring channels
Authoring conversations
Conversational interactions
Natural language understanding
Server installation
Developers
Administration
Users and RolesRoles and permissionsBuilt-in rolesCreating new rolesAssign roles to usersBuilt-in permissions
Misc

Available in: Enterprise Edition

Users & Roles

The Enterprise Edition allows you to create multiple projects and users. Additionnally you can assign roles to users.

Roles and permissions

Botfront uses a hierarchical persmissions system. Internally there is no difference between a role and a persmission as the system is based on inheritance.

The difference resides in the naming convention. A permission has a [resource]:[action] syntax (e.g nlu-data:x), while the role has no constraint.

While you can create arbitrary roles and permissions in the UI, you can only assign roles to users.

Built-in roles

RoleDescriptionconstraint
project-adminCan access and edit all resources of a project. Extends projects:w,users:w[projectId]
global-adminCan access and edit all resources of all projects and edit global settigs. Extends All permissions

Creating new roles

To create a new role, Go to Admin -> Roles, and click the Create role button.

The give your role a name, description, and select the child roles. Here, we’re creating a role that has access to all project resources, but cannot edit project settings, name, etc.

Assign roles to users

In the user page: 1. Click the + to create an assignment. 2. Select the project (left dropdown) and role (right dropdown). Note that you can give one user access to several projects with different roles

To give someone the global-admin role, you must select GLOBAL in the projects dropdown:

Built-in permissions

PermissionDescriptionConstraint
nlu-data:rCan read NLU data.[projectId]
nlu-data:wCan write NLU data. Extends nlu-data:r.[projectId]
nlu-data:xCan train a model.[projectId]
responses:rCan read bot responses.[projectId]
responses:wCan create, delete and edit bot responses. Extends responses:r.[projectId]
stories:rCan read story content. Extends nlu-data:r, responses:r.[projectId]
stories:wCan create, delete and edit stories. Extends stories:r.[projectId]
triggers:rCan access story triggers. Extends stories:r.[projectId]
triggers:wCan add, edit, or delete story triggers. Extends triggers:r.[projectId]
incoming:rCan read incoming data. Extends stories:r.[projectId]
incoming:wCan process incoming data. Extends stories:r, nlu-data:w, incoming:r.[projectId]
analyics:rCan view and download analytics data. Extends incoming:r.[projectId]
projects:rCan read everything in a project and access a project settings. Extends: incoming:r, triggers:r, stories:r, responses:r, nlu-data:r, analytics:r[projectId]
projects:wCan edit project meta information and settings. Extends projects:r. If no projectId constraint is specified this permission allows adding, editing, and removing projects.[projectId]
users:rCan access user information. Extends roles:r[projectId]
users:wCan add, edit, or remove user details and roles. Extends users:r.[projectId]
global-settings:rCan access global settings.
global-settings:wCan edit global settings. Extends global-settings:r.
roles:rCan view roles.
roles:wCan add, edit, or remove roles.

If no projectId constraint is specified the permission applies to al projects.

πŸ–ŠοΈ Edit this page on Github