Access groups

Overall

Access groups can be found in the portal under Company->Users->Access and with them you can customise which users should have access to what in the switchboard.
Basically, there are three access groups and all users are added to the User group, which is sufficient for most companies. The three standard groups are:

User - a whitelist that is adapted for a normal user to access most of the functions in the switchboard.

Pbx Admin - a whitelist for the company's switch administrator who is given access to administer the switch's corporate functions, note that it does not provide access to the user part so an administrator who is also a user in the switch also needs the User list added.

Root - a blacklist that basically gives access to everything at the user and company level.

Each access level corresponds to a function that users through the access groups can access or be blocked from using (can be set at create, read, update and delete levels).

Example

The Chat function of type User is set to Yes in a whitelist, e.g. User. This means that all users belonging to that access group have access to create, read, update and delete chat messages for their user. Simply put, the user has access to chat.

Recommendation

If you want all users in the company to have access to the same functions, it is easiest to make changes in User. If you instead want to give certain users access to more or fewer functions, create a new access group for them.

Whitelists and blacklists

There are 2 different types of access groups and they work in slightly different ways as follows:

A function in a Whitelist that is set to:

Yes -> the user is granted access

No -> neither gives nor denies access, if there are no other access groups on the user, access will be denied as this is the basic mode.

A function in a Blacklist that is set to:

Yes -> the user is denied access

No -> the user is granted access

How they relate to each other

A user without an access group lacks access to all functions, if there are one or more access groups, the user is granted/denied access according to the following conditions:

1. Whitelist set to Yes -> the user is granted access (regardless of other lists in the conditions below).
2. Blacklist set to Yes -> the user is denied access.
3. Blacklist set to No -> the user is granted access.
4. If none of the above applies -> the user is denied access.

To summarise, a Whitelist set to "Yes" is prioritised over other lists, if it does not exist, what is set in the Blacklist applies. If both Whitelist and Blacklist are missing, access is denied.

Note: we do not support more than 1 blacklist being assigned to the same user.

Recommendation

As far as possible, only one of the whitelists and blacklists should be used in a company and whitelists are basically used so it is easiest to use them and add more if needed.

Company and User types

The access groups have 2 different types of access, i.e. all accesses are divided between these. For each access group, you select one or both of these and the access settings under each type are then active and possible to set. A type that is not active does not affect access to the functions under that type.

Company contains access to functions that are at company level. I.e. which functions/selections in the portal's Company tab are accessed.

User contains access at user level in the portal, mobile apps and in Desktop on PC/Mac.

Departments

A department can be assigned one or more access groups, all users in that department will then end up in the relevant access group.