NOC (Network Operations Center) Role
The NOC role provides dedicated network operations access for technicians and network engineers. NOC users can monitor network infrastructure, manage routers, OLTs, and IP pools, search and troubleshoot customer connections — all without access to financial data, billing, or package management.
Overview
| Feature | NOC Access |
|---|---|
| Network Monitoring | ✅ Full access |
| Router Management | ✅ Permission-based CRUD |
| OLT / ONU Management | ✅ Permission-based CRUD |
| IP Pool Management | ✅ Permission-based CRUD |
| Customer Search | ✅ By username, mobile, or ID |
| Customer Disconnect | ✅ Permission-based |
| Send SMS to Customer | ✅ Permission-based |
| Billing / Payments | ❌ No access |
| Package Management | ❌ No access |
| PPP Profiles | ❌ No access (contains package data) |
| Customer Create / Edit | ❌ No access |
| Operator Management | ❌ No access |
| Financial Widgets | ❌ No access |
Creating NOC Users
NOC users are created by Group Admins from the admin panel.
Steps
- Navigate to Operators & Managers → NOC Users in the group admin sidebar
- Click New NOC User
- Fill in the required fields:
- Name — Full name of the NOC user
- Mobile — Contact phone number
- Email — Login email address (must be unique)
- Password — Minimum 8 characters
- Select the desired permissions from the checklist
- Click Submit
Editing NOC Users
From the NOC Users list, click Actions → Edit to modify a NOC user's name, mobile, password, or permissions.
Deleting NOC Users
From the NOC Users list, click Actions → Delete to remove a NOC user. This also removes all their permissions.
Permissions
NOC users have granular, permission-based access. Each permission can be individually toggled when creating or editing a NOC user.
Dashboard
| Permission | Description |
|---|---|
noc-dashboard |
Access to the NOC Command Center dashboard |
Router Management
| Permission | Description |
|---|---|
view-routers |
View router list and details |
add-routers |
Create new routers |
edit-routers |
Modify existing routers |
delete-routers |
Remove routers |
OLT Management
| Permission | Description |
|---|---|
view-olts |
View OLT list and details, ONU list |
add-olts |
Create new OLTs |
edit-olts |
Modify existing OLTs |
delete-olts |
Remove OLTs |
IP Pool Management
| Permission | Description |
|---|---|
view-ip-pools |
View IPv4 and IPv6 pool lists |
add-ip-pools |
Create new IP pools |
edit-ip-pools |
Modify existing IP pools |
delete-ip-pools |
Remove IP pools |
Customer Operations
| Permission | Description |
|---|---|
search-customers |
Search customers by username, mobile, or ID |
disconnect-customer |
Disconnect a customer's PPPoE session |
send-sms |
Send SMS messages to customers |
Monitoring
| Permission | Description |
|---|---|
view-monitoring |
Access monitoring tools (Ubiquiti, Mikrotik, Cambium, Network Topology, Status Checks) |
Note: OLT/ONU pages in the monitoring section additionally require the
view-oltspermission.
NOC Panel Navigation
When a NOC user logs in, they see a dedicated sidebar with the following sections:
Dashboard
- Dashboard — Non-financial overview with customer status stats (online, active, suspended, disabled) and performance charts
- NOC Command Center — Real-time network monitoring dashboard with device counts, router metrics, OLT status, and alerts (requires
noc-dashboardpermission)
Monitoring (requires view-monitoring)
- Ubiquiti Devices
- Mikrotik Monitor
- Cambium Devices
- OLT Management (requires
view-olts) - ONU List (requires
view-olts) - Network Topology
- Status Checks
Network
- Routers (requires
view-routers) - IPv4 Pools (requires
view-ip-pools) - IPv6 Pools (requires
view-ip-pools)
Customer Search
A sidebar search box (requires search-customers) allows finding customers by username, mobile, or ID. The customer details page shows:
- Profile information (name, username, mobile, address, connection type, status)
- Connection details (router, IP, MAC, PPPoE info)
- Online/offline status
- Usage history and bandwidth graphs
- Disconnect and Send SMS action buttons (permission-based)
Note: NOC users cannot see billing information, payment history, package details, or pricing on the customer details page.
Security
- Change Password
- Two-Factor Authentication
- Device Verification
- Activity Logs
- Authentication Logs
Financial Data Isolation
NOC users are strictly isolated from all financial data:
- The dashboard shows no revenue widgets, billing summaries, Cash In/Cash Out charts, or payment shortcuts
- The
/widgets/allendpoint returns only non-financial metrics (online, active, suspended, disabled counts) for NOC users — billing/payment queries are never executed - Customer detail pages hide all billing tabs, payment history, plan pricing, and subscription sections
- Billing database queries are completely skipped for NOC users at the controller level
- PPP profile routes are excluded from the NOC panel because they expose package data
- Router configuration and router log routes are excluded (controller-level authorization does not support NOC)
Middleware & Access Control
The NOC route group (/admin/noc/) applies the following middleware stack:
auth— Requires authenticated sessionverified— Requires email verification2FA— Requires two-factor authentication (if enabled)payment.subscription— Enforces subscription checkscan:accessNocPanel— Gate check for NOC role
This ensures NOC users are subject to the same account/subscription enforcement as other admin areas.
Router API Password Security
When editing routers, the NOC routers-edit form does not render the stored API password in the HTML. The password field is left blank; the existing password is preserved server-side unless a new value is explicitly submitted.
Data Scoping
NOC users are scoped to their parent Group Admin's data:
- They can only see routers, OLTs, IP pools, and customers belonging to their parent Group Admin and the Group Admin's operators/sub-operators
- They cannot see or access resources from other Group Admins
URL Structure
All NOC panel routes are under /admin/noc/:
/admin/noc/dashboard— NOC Command Center/admin/noc/routers— Router management/admin/noc/olts— OLT management/admin/noc/onus— ONU list/admin/noc/ipv4pools— IPv4 pool management/admin/noc/ipv6pools— IPv6 pool management/admin/noc/ubiquiti-devices— Ubiquiti monitoring/admin/noc/mikrotik/monitor— Mikrotik monitoring/admin/noc/cambium-devices— Cambium monitoring/admin/noc/topology— Network topology/admin/noc/status-checks— Status checks
Activity Logging
All NOC user management actions are logged in the activity log:
noc_user_create— When a group admin creates a NOC usernoc_user_update— When a group admin updates a NOC usernoc_user_delete— When a group admin deletes a NOC user
Granular Action-Level Authorization
Router operations enforce action-specific NOC permissions:
view-routers— Required for listing/viewing routersadd-routers— Required for creating new routersedit-routers— Required for editing existing routersdelete-routers— Required for deleting routers
Similarly, OLT and ONU operations are gated by their respective permissions via OltPolicy and OnuPolicy.