Permissions are used in sipXecs to control what individual users are allowed to do. We distinguish between general permissions and call permissions. The distinction between the two is not always perfectly intuitive, but generally call permissions influence call routing privileges (i.e. access to dial plan) where general permissions determine access to system functions.
General permissions include user priviledges such as system administrator rights and the ability to change the PIN from the telephone interface. A default value is assigned to every newly created user. This default can be changed by the system admin on a per user basis or on a user group level.
Call permissions include priviledges as they apply to the dial plan. They determine rights to make calls to certain destinations, such as long distance, 900 numbers, mobile phones, 800 numbers, international calls, etc. Call permissions also determine whether the user has a voicemail box, is included in the auto-attendant dial-by-name feature, or can record system prompts.
Especially the voicemail box permission is important not just for the voicemail function itself. E.g. if the user is part of a hunt group then the call sequence could be different dependent on whether the system can transfer to voicemal for a particular user or not.
Permissions can also be defined at the user group level. They then apply to all the user that are members of that group. If users are members of several groups that have different permission settings, then the setting from the last group applies. Settings at the user level override settings at the group level.
In addition to the built-in system permissions described above, sipXecs allows the administrator to define additional custom permissions. These custom permissions can be used in dial plan routing rules in the same way built-in permissions are used. This feature is very helpful e.g. when localizing sipXecs to adapt to other countries dial plans as these countries might require additional privileges to make call to certain categories of service numbers.
Built-in permissions cannot be deleted or disabled.
The screen for defining a new custom permission looks as follows. It is possible to define as many custom permissions as needed.