(2022.1) Roles
Summary
Once Permission Sets have been defined, an Admin User can manage these Permissions by grouping them into Roles defined within the application. Roles, as the name implies, allows for the grouping people with similar job functions to easily assign them Permission privileges.
Add Role
Add
Navigate to Admin > User Management > Roles to open the the User Management Roles Grid.
To add a new Role, click the 'Add' button located immediately above the Grid.
In the Role data entry form, the User is prompted to define the 'Role' (by name) and the 'Description' used to identify the new Role. Additionally, each Role can be flagged as 'CustomerCenter Only' or 'Administrator'. These flags control certain built-in authority/restriction levels in the application (Note: See below for a listing of specific Administrator privileges). A User is considered to be an Administrator if ANY of their assigned Roles is flagged as Admin. Conversely, a User is relegated to have CustomerCenter Only access if ALL of their assigned Roles are flagged as such.
Admin Users can also add User profiles to the new role which binds each selected User to the Permissions Sets defined in the next tab. To add Users to the new role, select the 'Add' button in the 'Users' tab. Select appropriate Users from the list and press the Save button. The Users appear on the Grid displayed in the 'Users' tab.
Users can define the permissions granted by the new role's Users by opening the 'Permissions Sets' tab. Click the 'Add' button immediately above the Grid displayed in that tab and select the desired permissions sets from the list. Click the 'Save' button, and the selected permissions sets appear on the Grid displayed in the 'Permissions Sets' tab.
For Admin Roles, please see Admin:User Management:Permissions for details.
Save
Once all the Role data entry form's required fields have been satisfied, click the 'Save New' button located at the bottom of the form. The new Role appears on the original User Management Roles Grid and can be selected as an option whenever a user encounters a 'Roles' drop-down menu.
Edit Role
Admin Users can edit existing Roles by:
- Double-clicking any item on the User Management Roles Grid
- Selecting an item, and click the 'Edit Selected' button located immediately above the Grid.
This action opens the item's Role data entry form. At this point, the User can define the item's inputs by following the protocol established earlier in this section. Once all required fields have been satisfied, click the 'Save' button at the bottom of the form.
Admin users can delete existing Roles by selecting the appropriate item on the User Management Roles Grid and clicking the 'Delete Selected' button located immediately above the Grid.
SSO Impact on Roles
Please see our 17926943Ā for how Single-Sign On systems impact the use of Roles within PCR360.
System Defined Roles
There are six Roles created during the Application Install Process. Of these, there are three System Use Roles that can not be deleted and three other examples. These Roles are created to give Admin Users a starting point for creating their own Role structure within PCR-360. They are not intended for actual use immediately after install, unless they happen to already be setup as a Role that is desired within yur Organization. Usually, the SysAdmin and Guest Roles are utilized with no adjustments do to the nature in which these two examples were created to display.
System Use Roles
- SysAdmin: This Role is intended to show how to grant general System Administrative access to a User.
- Guest: This Role is intended to show how to grant general Application access to a User.
- CustomerCenter: This Role is intended to show how to grant CustomerCenter access to a User.
Other Defaults
- Knowledgebase: This Role is intended to show how to grant a User access to the Knowledgebase.
- Back office: This Role is intended to show how to grant a broad level of Administrative Tasks to a User without granting them Administrator access.
- Technician: This Role is intended to show how to grant a User basic access to the system to be able to operate as a Worker performing tasks for Service Desk Requests.