A role is a predefined set of permissions assigned to a user in the system. Roles are generally created and based on users similar job functions – such as sales, marketing, and administration. Roles help to assure that users are given access only to the information they need to perform their work and not given access to information or functionality that is unnecessary.For example, a system administrator may have access to the entire system where a sales rep may only need to access sales information, and wouldn’t need access to create or manage users.
To Create a new role
- To view and manage roles navigate to the main system menu and use the drop down to select user management and then roles
- The role grid displays
- Click the Create Role button in the top right hand corner of the page
- Under the general section, Name the role in the Role Field
- Under the additional section- enter a description of the role
- In the organization field, select an organization where these permissions will be used, or if this permission is to run across all organization you can keep the system-wide default setting.
- Click on the Entity link to assign permissions
There are Two types of permissions.
- Permissions to perform a certain action on entity. For each permission of this type you can specify a desired access level. An example would be to allow users to create calendar entries or create, edit and assign cases.
- Permissions to access system functionalities or capabilities. An example would be if the user is to have access to the job queue or the entity manager.
Each entity listed under the entities link, gives users the ability to allow access to view, create, edit, delete or assign to another user. You can search for the entity from the all list, or click on the tabs to narrow down your selection to account management,or marketing. Click on the drop down next to each permission that you want to assign to specify if you the permission to be None (no permissions) User, Business Unit, Division, Organization or global.
- For this demonstration, I’ll explain one simple entity which is Comments
- Under the sales data tab, examine the comments entity
- Currently, it shows that this role has no access to view, create, edit, delete or share.
- Click on the drop down on the right of the Delete – None setting and you’ll be presented with several options. None, User, Business Unit, Division, Organization, and Global.. Selecting a setting of User will limit the ability of a user with this role to delete records that are owned by the signed in user. Business unit would limit the ability to delete records to those owned by users within the same business unit. Etc
- Next you would click on the drop down next to each of the permissions to decide if you want this user to be able to create, edit,assign or share comments. If you want the user to have additional permissions, you’ll need to repeat this process for each permission required.
- Click on the capabilities tab to include any system functionality that the user needs. Check the checkbox for each required capability.
- When you are finished setting up capabilities, click on the workflow link. These permissions are used to allow certain roles to view the workflow, transition the workflow and apply any permissions for each workflow step.
- For example, if we look at the contact request Workflow a user can be given permission to view workflows and perform transitions. Click the drop down next to View Workflow – None and you are presented with several options. None, User, Business Unit, Division, Organization, and Global. Setting this to View Workflow to USER would allow a user with this role to view the workflow bar and be able to where the record is in within the scope of the workflow steps.
- Click on the drop down next to Perform Transitions – None you are presented options for None, User, Business Unit, Division, Organization, and Global. Selecting User allows the logged in user to be able to perform workflow transitions.
- You can also click on the on the plus symbol to the left of the workflow expand the workflow to see individual steps and assign specific steps of a workflow to this role..
- click on the users link to assign users for this role. Click the checkbox next to each name to be included in this role.
- Click save and close in the top right hand corner to save the role.
Click on the roles breadcrumb to return to the roles grid.
Roles can be edited by using the quick action buttons or by loading the view page of the record.
- Use the quick action buttons on the far right by hovering over the ellipse and using the available options to view, edit or delete the role directly from the grid. Additionally you can clone the role if you’d like to create a similar role, just changing some of the details to make a new role.
- Click on any role in the grid to load the view page. Once loaded – users have the option to clone role, edit or delete the role. Editing the role gives you access to add and remove any system permissions or capabilities from the role.
- When you have finished editing the role, click the save and close button in the upper right hand corner of the screen.
Thanks for watching!
access controls, permissions, roles