Disabled default roles documentation

wso2 · Dec 4, 2024 · 0230dae · 0230dae
1 parent 10e388d
commit 0230dae
Show file tree

Hide file tree

Showing 3 changed files with 341 additions and 20 deletions.
diff --git a/en/asgardeo/docs/guides/users/manage-administrators.md b/en/asgardeo/docs/guides/users/manage-administrators.md
@@ -23,19 +23,36 @@ Existing administrators can onboard other administrators by sending them email i
     !!! note
         If you have enabled the option to [assign admin privileges to users](#assign-admin-privileges-to-users), you may proceed to invite external admins by clicking *Add Administrator* > *Invite Admins to Asgardeo*.
 
+    {% if default_roles %}
+
     <table>
         <tr>
-        <th>Email Address</th>
-        <td>The invitation will be sent to this email address. Additionally, this email address will be used as the username of this administrator.
-        Usernames are always unique to an organization. Once created, they cannot be modified.
-        </td>
+            <th>Email Address</th>
+            <td>The invitation will be sent to this email address. Additionally, this email address will be used as the username of this administrator. Usernames are always unique to an organization. Once created, they cannot be modified.</td>
         </tr>
         <tr>
-        <th>Role</th>
-        <td>Users can be assigned one or more default roles. For details on the available user roles and the permissions assigned to them, see [Asgardeo User Roles]({{base_path}}/references/user-management/user-roles/).</td>
+            <th>Role</th>
+            <td>Users can be assigned one or more default roles. For details on the available user roles and the permissions assigned to them, see [Asgardeo User Roles]({{base_path}}/references/user-management/user-roles/).</td>
         </tr>
     </table>
 
+    {% else %}
+
+    <table>
+        <tr>
+            <th>Email Address</th>
+            <td>The invitation will be sent to this email address. Additionally, this email address will be used as the username of this administrator. Usernames are always unique to an organization. Once created, they cannot be modified.</td>
+        </tr>
+        <tr>
+            <th>Role</th>
+            <td>The <b>Administrator</b> role is assigned by default. For details on the available user roles and the permissions assigned to them, see [Asgardeo User Roles]({{base_path}}/references/user-management/user-roles/).</td>
+        </tr>
+    </table>
+
+    {% endif %}
+
+
+<td>The <b>Administrator</b> role is assigned by default. <br>For details on the available user roles and the permissions assigned to them, see [Asgardeo User Roles]({{base_path}}/references/user-management/user-roles/).</td>
 3. Click **Invite** to send the invitation.
 
 The external administrator can join the organization by accepting the invitation and setting a password for the new administrator account.

diff --git a/en/asgardeo/docs/references/user-management/user-roles.md b/en/asgardeo/docs/references/user-management/user-roles.md
@@ -1,3 +1,5 @@
+{% if default_roles == true %}
+
 # Asgardeo user roles
 
 Roles determine permissions for accessing Asgardeo resources such as functionalities in the Asgardeo Console and underline REST APIs.
@@ -371,3 +373,317 @@ The following tables elaborate all the permissions enabled for the default roles
     </tr>
 </table>
 <br>
+
+{% else %}
+
+# Asgardeo user roles
+
+Roles consist of the permissions that are required by users to access the Asgardeo resources such as functions available on the Asgardeo Console, REST APIs, etc.
+
+When you assign a role to a user, you are controlling what the user can do in Asgardeo.
+
+By default, Asgardeo has the **Administrator** user role. This role includes all administrative permissions in the organization. An organization can have many users with the administrator role. An administrator is a privileged user who has overall access to the organization.
+
+<!-- 2. **Application developer**: This role includes the permissions required for registering and managing applications. The application developer is a privileged user who can integrate applications with Asgardeo. 
+
+3. **Administrative auditor**: This role includes list and view permissions to Asgardeo resources, which is useful in troubleshooting issues and providing support for other users in the organization. This role provides users read only access to the organization.
+
+Only [Administrators](../../guides/users/manage-administrators/) can be assigned to Asgardeo roles, and an administrator can be assigned only with one role.
+
+The following tables list the permissions enabled for roles in the organization. -->
+The following list contains the permissions enabled for an Administrator:
+
+## User management
+- View users
+- Onboard users
+- Update user profiles
+- Delete users
+- Terminate sessions
+- View groups
+- Create groups
+- Update and delete groups
+- View assigned users to groups
+- Assign users to groups
+- Assign users to groups
+- View roles
+- Create roles
+- Update and delete roles
+- Assign users to roles
+- Assign groups to roles
+- 
+## Application management
+- View apps and app settings
+- Register apps
+- Update and delete apps
+- Update Sign-in methods
+- Update protocol settings
+
+## Connections management
+- View connections and connection settings
+- Create new connection
+- Update and delete connections
+
+## Organization management
+- Create new organizations
+- View all the organizations created
+- As the organization creator, update and delete organizations that you created
+- Switch to the organizations that you created
+- Share applications from the organization (root) to its organizations
+
+## Managing attributes and scopes
+- View attributes
+- Create new attributes
+- Update and delete attributes
+- View scopes
+- Add new attributes to scopes
+- Update and delete scopes
+
+## Managing organization settings
+- View account recovery scenario and settings
+- Configure account recovery scenarios
+- View self registration related settings
+- Configure self registration for users
+- View account security related settings and configurations
+- Configure account security related settings
+
+<!--
+## Users
+<table>
+  <tr>
+    <th>Permission</th>
+    <th>Administrator</th> 
+    <th>Application developer</th> 
+    <th>Administrative auditor</th> 
+  </tr>
+  <tr>
+    <td>View users</td>
+    <td>✔️</td>
+    <td>✖️</td>
+    <td>✔️</td>
+  </tr>
+  <tr>
+      <td>Onboard users</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+  </tr>
+  <tr>
+    <td>Update user profiles</td>
+    <td>✔️</td>
+    <td>✖️</td>
+    <td>✖️</td>
+  </tr>
+  <tr>
+      <td>Delete users</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+    <tr>
+      <td>Terminate user session</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+    <tr>
+      <td>View groups</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✔️</td>
+    </tr>
+    <tr>
+      <td>Create groups</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+    <tr>
+      <td>Update and delete groups</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+    <tr>
+      <td>View assigned users to groups</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✔️</td>
+    </tr>
+    <tr>
+      <td>Assign users to groups</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>  
+</table>
+
+<br>
+
+## Applications
+
+<table>
+  <tr>
+    <th>Permission</th>
+    <th>Administrator</th> 
+    <th>Application developer</th>
+    <th>Administrative auditor</th>
+  </tr>
+  <tr>
+    <td>View apps and app settings</td>
+    <td>✔️</td>
+    <td>✔️</td>
+    <td>✔️</td>
+  </tr>
+  <tr>
+      <td>Register apps</td>
+      <td>✔️</td>
+      <td>✔️</td>
+      <td>✖️</td>
+  </tr>
+  <tr>
+    <td>Update and delete apps</td>
+    <td>✔️</td>
+    <td>✔️</td>
+    <td>✖️</td>
+  </tr>
+  <tr>
+      <td>Update Sign-in methods</td>
+      <td>✔️</td>
+      <td>✔️</td>
+      <td>✖️</td>
+  </tr>
+  <tr>
+    <td>Update protocol settings</td>
+    <td>✔️</td>
+    <td>✔️</td>
+    <td>✖️</td>
+  </tr>
+</table>
+
+<br>
+
+## Connections
+
+<table>
+  <tr>
+    <th>Permission</th>
+    <th>Administrator</th> 
+    <th>Application developer</th>
+     <th>Administrative auditor</th>  
+  </tr>
+  <tr>
+    <td>View connection and connection settings</td>
+    <td>✔️</td>
+    <td>✔️</td>
+    <td>✔️</td>
+  </tr>
+  <tr>
+      <td>Create new connection</td>
+      <td>✔️</td>
+      <td>✔️
+      <td>✖️</td>
+  </tr>
+  <tr>
+    <td>Update and delete connections</td>
+    <td>✔️</td>
+    <td>✔️</td>
+    <td>✖️</td>
+  </tr>
+</table>
+
+<br>
+
+## Attributes and scopes
+<table>
+  <tr>
+    <th>Permission</th>
+    <th>Administrator</th> 
+    <th>Application developer</th> 
+     <th>Administrative auditor</th> 
+  </tr>
+  <tr>
+    <td>View attributes</td>
+    <td>✔️</td>
+    <td>✖️</td>
+    <td>✔️</td>
+  </tr>
+  <tr>
+      <td>Create new attributes</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+  </tr>
+  <tr>
+    <td>Update and delete attributes</td>
+    <td>✔️</td>
+    <td>✖️</td>
+    <td>✖️</td>
+  </tr>
+  <tr>
+      <td>View scopes</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✔️</td>
+    </tr>
+    <tr>
+        <td>Add new attributes to scopes</td>
+        <td>✔️</td>
+        <td>✖️</td>
+        <td>✖️</td>
+    </tr>
+    <tr>
+      <td>Update and delete scopes</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+</table>
+
+## Organization settings
+<table>
+  <tr>
+    <th>Permission</th>
+    <th>Administrator</th> 
+    <th>Application developer</th> 
+    <th>Administrative auditor</th> 
+  </tr>
+    <tr>
+          <td>View account recovery scenarios ad settings</td>
+          <td>✔️</td>
+          <td>✖️</td>
+          <td>✔️</td>
+    </tr>
+    <tr>
+      <td>Configure account recovery scenarios</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr>
+    <tr>
+          <td>View self registration related settings</td>
+          <td>✔️</td>
+          <td>✖️</td>
+          <td>✔️</td>
+    </tr>   
+    <tr>
+      <td>Configure self registration for users</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr> 
+     <tr>
+          <td>View account security related settings and configurations</td>
+          <td>✔️</td>
+          <td>✖️</td>
+          <td>✔️</td>
+    </tr>   
+    <tr>
+      <td>Configure account security related settings</td>
+      <td>✔️</td>
+      <td>✖️</td>
+      <td>✖️</td>
+    </tr> 
+</table> -->
+<br>
+
+{% endif %}
diff --git a/en/asgardeo/features.json b/en/asgardeo/features.json
@@ -1,19 +1,7 @@
 {
-    "asgardeo_logs": {
-        "enabled": true,
+    "default_roles": {
+        "enabled": false,
         "page": [
-            "guides/asgardeo-logs/index.md",
-            "guides/asgardeo-logs/diagnostic-logs.md",
-            "guides/asgardeo-logs/audit-logs.md"
-        ]
-    },
-
-    "applications": {
-        "enabled": true,
-        "page": [
-            "guides/applications/register-single-page-app.md",
-            "guides/applications/register-oidc-web-app.md",
-            "guides/applications/register-saml-web-app.md"
         ]
     }
 }