Administration — Users Rights

Navigate to Administration → Users Rights. This page controls fine-grained access to specific paths and directories within each service (HTTP, FTP, LDAP).

Users Rights — FTP tab showing paths, users, and permission codes.
Users Rights — the FTP tab shows the permission structure: each path lists which users have access and what they can do (r=read, w=write, d=delete, n=rename, l=list, c=create).

How rights differ from privileges

Privileges (set in Users Management) control which sidebar sections a user can see — Networking, Phone, Automation, etc. They are the big-picture "which rooms can you enter?"

Rights (this page) go one level deeper. They control which specific paths and directories a user can access within each service. This is the "which shelves in the room can you read from?"

Most installations work fine with just privileges. You only need to configure rights when you want to restrict or grant access to specific directories — for example, letting a backup user read FTP recordings but not configuration files.

HTTP Rights

HTTP Rights — paths with user permissions for the web interface.
HTTP Rights — controls which web interface pages each user can access. Here, /gui/ is readable by everyone, /sys/ gives full access to admin and super, and /sys/pub/ is read-only for anonymous users.

Each row defines a URL path within the web interface. The columns show:

ColumnMeaning
PathThe URL path being controlled (e.g. /gui/, /sys/)
UserThe user or user class this rule applies to (admin, super, anonymous, any-authenticated)
FileFile-level permissions (r=read, w=write, d=delete, n=rename)
DirDirectory-level permissions (l=list, c=create, d=delete, n=rename)
RecursionWhether the rule applies to subdirectories too (Yes/No)
ProtocolWhich protocols the rule applies to (PLAIN, SSL, or both)

FTP Rights

Controls which directories each user can see and modify when connecting via FTP. The same column structure as HTTP Rights applies — Path, User, File permissions, Dir permissions, Recursion, and Protocol.

The permission codes for File and Dir columns:

CodeMeaning
rRead — download files
wWrite — upload and overwrite files
dDelete — remove files
nRename — rename files
lList — see directory contents
cCreate — make new subdirectories

In the screenshot above, you can see for example that /pkg/ is only accessible by super with full permissions, while /pub/ gives anonymous read-only access but admin and super get full control.

LDAP Rights

LDAP Rights — address book paths with user grants.
LDAP Rights — controls access to LDAP address books. Each address book (contacts, published, system) lists which users can read, write, create, or delete entries.

LDAP rights control access to the Abilis address book directory — used by SIP phones to look up contacts and by external systems that query the LDAP service.

Unlike HTTP and FTP rights which use path-based permissions, LDAP rights are organised by address book (contacts, published, system) with simpler grant codes:

GrantMeaning
rRead — look up entries
wWrite — modify existing entries
cCreate — add new entries
dDelete — remove entries

Clicking on a user row opens the per-user permission editor:

Edit user grants for an LDAP address book — checkboxes for read, write, delete, create.
Editing grants for a specific user on the "contacts" address book — tick the permissions and click Submit.

Adding a new right

  1. Select the tab (HTTP, FTP, or LDAP) for the service you want to configure.
  2. Click "Add path" (or "New +") to create a new controlled path.
  3. Enter the path — for example, /recordings/ for FTP, or /sys/admin/ for HTTP.
  4. Submit to create the entry.
  5. Click on the new path row to expand it and assign users with their permission levels.
Note: If you don't configure any explicit rights, the Abilis uses default access rules based on each user's HTTP-LEVEL and privileges. Only set explicit rights when you need to override the defaults for a specific use case.
Anteklab Technical Support Email: tem@antek.it
Tel: +39 0376 16262,27
← Users Management Virtual Office →