Skip to main content

Understanding CRUD Permissions in RCOM Gateway

The RCOM Gateway platform offers granular access control through Create, Read, Update, and Delete (CRUD) permissions across various modules. Below is a module-wise breakdown of what each CRUD operation enables.

Auth Systems

  • Create: Add a new authentication provider (e.g., LDAP, OpenID).
  • Read: View configured authentication systems.
  • Update: Modify connection details or rules.
  • Delete: Remove an existing auth system (irreversible).

Custom Map Manage

  • Create: Define a new custom mapping rule or profile.
  • Read: View the list of existing mappings and rules.
  • Update: Edit attribute mappings or data transformation logic.
  • Delete: Remove selected mappings.

Custom UI Manage

  • Create: Create new custom UI panels or dashboards.
  • Read: View existing UI templates.
  • Update: Edit layout, bindings, and controls of custom UIs.
  • Delete: Delete a custom UI configuration.

Endpoints

  • Create: Configure a new REST API endpoint.
  • Read: View all configured REST API endpoints.
  • Update: Modify endpoint configs or route logic.
  • Delete: Remove/Delete REST API endpoints.

Event Processor

  • Create: Set up a new processor linking ingestion channels (MQTT, REST) to workflows.
  • Read: View processor configurations.
  • Update: Change workflow bindings or trigger types.
  • Delete: Deactivate/remove processor.

Event Trigger

  • Create: Set up logic to initiate workflows based on object events (create/update/delete).
  • Read: View triggers associated with object groups.
  • Update: Modify trigger conditions.
  • Delete: Disable or remove triggers.

Events

  • Create: Permission to duplicate existing events for reuse or testing.
  • Read: View event definitions, triggers, and linked workflows.
  • Update: Modify event configurations, mappings, or associations.
  • Delete: Remove events from the system.

External Users

  • Create: Register third-party or external application users.
  • Read: View external user details.
  • Update: Change credentials or access.
  • Delete: Remove external user access.

Groups

  • Create: Create new user groups for role-based access.
  • Read: View existing groups.
  • Update: Add/remove users, change scope.
  • Delete: Remove user group.

Import Export

  • Create: Initiate a data import/export job.
  • Read: View logs/history of jobs.
  • Update: Retry or modify job configurations.
  • Delete: Clear job records.

Log Deletion

  • Create: Define deletion policies or manual deletions.
  • Read: Review deletable logs.
  • Update: Adjust rules or schedules.
  • Delete: Execute log purge.

Manage Agents

  • Create: Register a new software agent.
  • Read: View active/inactive agents.
  • Update: Change agent configs.
  • Delete: Remove agent from system.

Manage Clients

  • Create: Set up a new client profile, including name, authentication settings, and tenant association.
  • Read: View client configuration details and audit activity.
  • Update: Modify client metadata, enable/disable status, or update credentials.
  • Delete: Remove a client and revoke all access tied to it.

Manage Storage

  • Create: Define new storage configurations such as zones, bins, or logical areas.
  • Read: View storage hierarchies and object allocations.
  • Update: Edit naming, relationships, or physical mappings.
  • Delete: Remove a storage entity and clear associated references.

Manage Users

  • Create: Add new user accounts with role and client bindings.
  • Read: View user profiles, login history, and current permissions.
  • Update: Change user roles, reset passwords, or toggle active status.
  • Delete: Permanently revoke user access and remove their account.

Manage Permissions

  • Create: Define new role-permission mappings or access scopes.
  • Read: View existing permission sets and access control configurations.
  • Update: Modify role definitions, group scopes, or feature-level access.
  • Delete: Remove obsolete permission sets from the system.

Manage Workflows

  • Create: Build new automation workflows.
  • Read: View existing workflows.
  • Update: Modify logic/actions in a workflow.
  • Delete: Deactivate or delete the workflow.

MQTT

  • Create: Add new MQTT broker configuration.
  • Read: View existing connections and topics.
  • Update: Modify broker settings or topic subscriptions.
  • Delete: Remove MQTT connection (also unsubscribes topics).

Object Group Type

  • Create: Define object categories to organize related data models.
  • Read: View configured types and their associated object groups.
  • Update: Modify type names or adjust role-based access permissions.
  • Delete: Remove an object group type and revoke its access structure.

Object Groups

  • Create: Define data models including attributes, data types, and triggers.
  • Read: View the structure and purpose of each object group.
  • Update: Adjust field definitions, relationships, or trigger settings.
  • Delete: Remove object groups and their stored data.

Packages

  • Create: Upload new packages to the system.
  • Read: View package history, contents, and deployment status.
  • Update: Reconfigure package metadata or update version info.
  • Delete: Remove packages from the environment.

Package Approval

  • Create: Approve generated packages.

Process Templates

  • Create: Build reusable workflow templates.
  • Read: View existing templates.
  • Update: Modify template logic or variables.
  • Delete: Archive templates no longer in use.

Roles

  • Create: Define new user roles with associated permissions.
  • Read: View existing roles and their access scopes.
  • Update: Change permission sets or role policies.
  • Delete: Remove unused or obsolete roles.

Secret Store

  • Create: Define secrets (e.g., environment variables) for use across workflows or integrations.
  • Read: View stored secrets and their usage context.
  • Update: Change secret values or access conditions.
  • Delete: Remove secrets from the secure store.

Table Settings

  • Create: Set up new configuration entries for table behavior or layout across the system (e.g.: table format in stock view.)
  • Read: View current table display or data handling settings.
  • Update: Modify table-specific preferences, filters, or display logic.
  • Delete: Remove outdated or unused table configurations.

Translations

  • Create: Add new field or label translations.
  • Read: View current translation mappings across languages.
  • Update: Modify field names, labels, or descriptions in various locales.
  • Delete: Remove unused or incorrect translations.

Workflow Jobs

  • Create: Permission to rerun events from previous executions.
  • Read: View execution logs, status, and runtime context.
  • Update: Edit job metadata such as tags or debug parameters.
  • Delete: Remove completed, failed, or obsolete workflow job entries.
warning

Deletion actions are often irreversible and may cascade. Exercise caution, especially for modules like Object Groups, Workflows, Event Processors, and MQTT Clients.

Related Articles