Previous topic

Next topic

Grant Use and Design Permissions to a Role

note_awesome

To grant use and design permissions to a role, you must have Administrator role permissions to:

  • add or update a role
  • assign permissions to roles.

Use and design permissions control what actions all members of a role can and can't do on objects in the system. These actions may include:

Action

A member of this role has permission to...

Create

Add (create) new data or records for the selected object; they cannot make any other changes to the data unless they also have Write permission.

Read

View (read) all data in the selected object; they cannot make any changes to the data unless they also have Write permission.

Write

Update (edit) existing data in the selected object; they cannot add new records or data unless they also have Create permission.

Delete

Delete existing data or records in the selected object; they cannot add new records or change existing data unless they also have Create or Write permissions.

note_awesome

Where a user is a member of various roles that have different permissions for a component's field, for example then the combination (union) of their highest or best settings will apply.

For example members of Role A only have permission to view a field, while members of Role B can edit the data in the field. The user is a member of both Role A and Role B, and as such will get the union of these settings - they will be able to view and update the data in that field.

Use permissions

Typically, 'use permissions' define who can use a particular object in the system, and what level of usage they have. For example a 'standard user' may only be able to see the first section of an incident management workflow where they can create a new incident record, save it, edit it, but cannot delete it.

Only those use permissions explicitly granted to, or implicitly inherited by a role, are available to users assigned to that role.

note_awesome

A user cannot perform a specific operation on an object if no permission has been assigned. For example if the user doesn't have read permission for a component, then they can never view that component - it will not be displayed to them; if they don't have update permission on a field, then they cannot edit the data in that field.

Design permissions

Typically, 'design permissions' allow only a few roles in the system to design objects, such as lookup lists.

In This Section

Set Use Permissions for Components

Set Permissions for BI User Console, BI Folders, Reports and Dashboards

Set Use Permissions for Policies

API Keys

External API Tokens

See Also

Security

About the Default User and the Default Role

About System Roles

About User Authentication

Add a Role

Edit a Role

Delete a Role

Assign a Role to a Role

Assign a User to a Role

Remove a User from a Role

Maintain an Administrative Role
Back to top
 Go to www.sai360.com
Copyright SAI360