Roles
The Roles view provides administrators with comprehensive control over user roles and permissions within the DataStream platform. It enables granular permission management, role assignment tracking, and detailed access control for organizational security and operational efficiency.
To access the Roles view
- Go to the Home > Organization pane
- Click Manage Roles
-or-
- Click the hamburger menu on the top left
- Select Organization > Roles
The view contains the following essential components:
- Role table - Displays Role name, Description, Permissions count, and Assigned Users count
- Items per page - Controls pagination settings for role display
- Page navigation - Shows current page and total pages
- Action menu - Three-dot menu for additional role management options
Role Columns
The table lists all available roles in your organization with their key characteristics:
-
Role name - Human readable name of the role
-
Description - Details of the role, including the actions the role has permission to carry out
-
Permissions - Permissions assigned to the role, given in Unix-style numeric masks.
Clicking on this value opens a list with two columns, displaying the details of the abilities or the permission set:
- Permission Title - Internal constant representing the permission
- Ability - Internal constant assigned to the permission
Click again to close the table.
-
Assigned Users - Number of users the role has been assigned to in your organization.
Clicking on this value opens a list displaying the e-mails and names of the assignees. Click again to close the list.
Actions Menu
The Action menu—the vertical ellipsis (⋮) on the right—proivdes additional information on the actions the assigned permissions of the role make possible.
Built-in Role Types
The system provides four fundamental role types with distinct permission levels:
User Role
User has read-only access to all files, with no access to edit/delete actions.
Contributor Role
Contributor has the same abilities as User, and plus can edit files and make configurations but cannot delete them.
Admin Role
Admin has the same abilities with Owner to read, edit and delete all files and make configurations, but cannot change Owner information.
Owner Role
Owner has the ability to read, edit, and delete all files and make configurations. The permissions mask is 340.
The built-in roles cannot be modified or deleted.
Role Permission Matrix
The following table summarizes the essentials of role permissions:
| User | Contributor | Admin | Owner | |
|---|---|---|---|---|
| Fleet Management | 📗 | 🟨 | 📘 | 📘 |
| Devices, Targets | 📗 | 🟨 | 📘 | 📘 |
| Pipelines | 📗 | 🟨 | 📘 | 📘 |
| Routes | 📗 | 🟨 | 📘 | 📘 |
| User Management | ⚪️ | 🟨 | 📘 | 📘 |
| Audit | ⚪️ | 📘 | 📘 | 📘 |
| Transfer Owner | ⚪️ | ⚪️ | ⚪️ | 📘 |
Permission Legend
- ⚪️ None: No access
- 📗 Read: View-only access
- 🟨 Read + Edit: View and modify access
- 📘 Read + Edit + Delete: Full access including deletion