Roles and Profiles can be created to differentiate users, their rights and options in Cobundu. If a user has multiple roles assigned to him/her, the overall reservation scope of the user will be the sum total/union of all individual roles.
Follow this link to learn more about Cobundu User Management.
How to access:
- Go to https://studio.cobundu.com/
- Login with your credentials
- Select your tenant
- Select Roles & Profiles (scroll to the bottom of the tenant: under Users, you'll find “Roles & Profiles”).
Standard Roles
- “No roles found, unprivileged user”: user can access End-user Cobundu touchpoints (GO + Workplace App)
This is the default. In Studio, every user is created without a role (through excel upload, a role can immediately be assigned to a user).
- “Admin” role is needed to access Studio (will only give access to current tenant), DeviceControl (for KioskApp and Workplace App)
! With great power comes great responsibility: make sure the Admin-user is aware of the Studio basics. Having access to Studio = having access to the Settings page + Sensor Devices mapping + Floorplan config + ... => a basic training in Studio is needed before access can be given.
- "Developer" role is assigned typically to users who have the rights to view/consume/integrate COBUNDU APIs with touchpoints. As these users can also be external developers who work on integrating COBUNDU with their systems, such users should not have access to COBUNDU touchpoints.
- On GO, users with only developer role are automatically redirected to the API documentation upon login and cannot use any other front-end features.
- On Workplace App, an alert will be shown and the user will not be allowed to continue.
Tenant Specific Roles
Depending on the needs per customer, other roles can be added to the tenant (select "Add New"); eg Work Assistant roles that can access different Workorder overviews.
- “Cleaning/WorkAssistant” role is needed to give access to specific overviews with workorders, see configuration instructions on Work Assistant
- Access to dashboards on GO can be restricted per role (under tenant > Tenant Setup > Dashboards)
Role based reservation scope definition
Step 1: Role definition
A new role category called "reservation restrictions" has been introduced in Cobundu. Under this new category, the reservation scope of a user can be described by using 3 parameters:
| Location Type - Each role can be defined for either only rooms, only workplaces, or both. | ||
| Location tree with check boxes | Locations scope (buildings) - The locations in which the user is allowed to book a room or desk. | |
Departments scope - Rooms and workplaces can be linked to departments in Cobundu under the Location Grouping settings. When a set of departments are enabled in a role, the user can only book rooms/workplaces linked to that department. An option called "User's / my department" exists, which points to the user's own department for dynamic restrictions per user. | ||
Zones scope - Rooms and workplaces can be linked to zones in Cobundu under the Location Grouping settings. When a set of zones are enabled in a role, the user can only book rooms/workplaces linked to that zone. |
Step 2: Role assignment
Initially, no user has has any role of type "reservation restriction" assigned to him/her. No restrictions are applicable to such users.
An administrator can assign one or more roles of type reservation restrictions to a user. If a user has multiple roles assigned to him/her, the overall reservation scope of the user will be the sum total/union of all individual roles.
When such roles are assigned, via Cobundu, the user can only book rooms/workplaces described within the role. Reservation requests for other locations will be blocked by Cobundu.
It must be clarified here that the restrictions only apply for bookings made via Cobundu, and not for requests originating in the underlying IWMS from other sources (eg from Outlook through Exchange or IWMS web portal). Also the other way around: IWMS restrictions will always be respected as it’s the underlying IWMS which owns the reservation data.
Settings in IWMS | Settings in Cobundu | Result in IWMS | Result in Cobundu | |
|---|---|---|---|---|
No restriction / Allowed to book room X | No restriction / Allowed to book room X | -> | Allowed to book room X | Allowed to book room X |
No restriction / Allowed to book room X | Restriction set on room X | -> | Allowed to book room X | Not allowed to book room X |
Restriction set on room X | No restriction / Allowed to book room X | -> | Not allowed to book room X | Not allowed to book room X |
If a user is trying to book a resource that is outside of his/her reservation scope, an error message is shown
Step 3: Booking assistance
This part is still a WIP and will be available in a future release.
In the Cobundu touchpoints (like the Workplace app), the search functionality for rooms and workplaces will take the reservation restrictions into account and exclude the resources which are not available for the user.
This means that if restrictions are created, for now, these will be checked only at the moment of submitting a booking request.