By setting permissions, you determine which users can view and interact with portlets. Permissions settings restrict which Zope Access Control List (ACL) can access each portlet.
Before you can successfully set portlet permissions, you must assign the user a specific Zenoss role. (You assign roles from the user edit page, from Advanced > Settings.) Each user role is mapped to one or more Zope ACL permissions, which allow you to restrict the portlets a permission level can see.
A user's specific portlet permissions are defined in part by Zope ACL permissions, and in part by the role to which he is assigned.
The following table shows how user roles map to ACLs.
|User Roles||ACL Permission|
|ZenUser, ZenOperator||ZenCommon, View|
|ZenManager, Manager||ZenCommon, View, Manage DMD|
|No Role, Administered Objs||ZenCommon|
To set portlet permissions:
You may mistakenly block users from being able to access some portlets. Often, this happens when a user has been set to see only particular devices. By default, this user will see only portlets set to the ZenCommon permission level. In effect, this blocks three of six portlets.
To remedy this problem, you can:
Change the permission levels (on the Portlets page) to ZenCommon, or
Change the user role to a role higher than "No Role."