How do I create a role?
You can create roles for users with the Standard account type by going to Administration/ Roles from the main left hand menu. Click Roles; this will take you to the roles list.
Create a role
At the top of the page you will find the + Create button.
You will note that the Role name field displays "Unnamed role" as a placeholder and that this field is mandatory. It must contain a unique value so that roles can be easily distinguished.
The Description field is optional but useful, as it allows you to make notes about the role being created. This is particularly useful if you have several roles with similar names.
Both these fields are available for view in the Roles list.
System permissions
The System permissions section is divided into the main system areas. It is here that you will determine what a user given this role is allowed to see and do.
- Sequencer: options for create, edit and delete
- Task configuration: split into Task Templates and Task Group Templates, each with options for create and edit
- Data model: options for create, edit and delete, which specifically relate to Object Classes
- Administration: this section is split into five sections, with the first two areas having only an Edit option. This is because they are single page items where there is no option to create a new instance.
A user given the Edit permission for Company Details and/or Standard Authentication will be able to:
- See the page in their left hand menu
- Access the given page
- Edit the data on that page
If this permission is disabled, the menu item will be hidden and the user will have no access to this area.
The next two sections under Administration have the Create, Edit and Delete permissions because they will appear in a list page with the ability to create multiple instances of those objects.
However, for User groups there is only a create permission. This is because the user who creates a User group will become the owner of that User group. They will be able to make other users an owner of the group, and any owner will be able to Edit or Delete the User group.
All role permissions are high-level and are only concerned with administration of the system. Other permissions can be set at Object Class and for all Object Records within the Class.
You'll note that all permissions are defaulted to OFF.
Description of permissions when enabled
Create/Edit
When create is switched on, Edit is automatically also switched on. The system area will appear in the left hand menu and the user will be able to:
- Access the listing page or static page for the selected area
- View all current instances of the selected areas (ie Task templates, Authentication objects)
- The + Create button will appear on the listing page
- The Edit option will appear on the listing page against each instance
Delete
The Delete permission can be enabled without the user being given permission to Create and/or Edit. A user with the Delete permission will be able to:
- View the list page
- Delete any instance in the list page because this option will appear in the Actions menu
If the Create permission is disabled
The + Create button will be removed from the listing page, but the user will still be able to edit instances in the list.
| mceclip0.png | mceclip2.png |
If both the Create and Edit permissions are disabled
Unless the Delete option is enabled, the system area will be removed from the left hand menu and the user will have no access to the list.
| mceclip1.png | mceclip3.png |
| mceclip4.png | mceclip5.png |
Useful info
- If a user has more than one role, the most permissive actions will be allowed.
- Users can only delete Task Templates that do not have responses against them.
- You can add up to 5,000 different roles in your system. If you reach this limit, the + Create button will be disabled.
- It is worth noting that any user with the Super admin account type will have all the permissions discussed here enabled by default.