Roles are how you assign sets of permissions to end users.
Step-by-step guide
-
Step 1 of 8
The Roles page is accessed from within the User management section of the top menu bar.
-
Step 2 of 8
The following page will display a list of all the roles which exist inside the system. To create a new role click New role.
-
Step 3 of 8
From here you can start to define how this role should function. Title is the name of the role which all users will see when they are assigned it.
-
Step 4 of 8
The next section asks you to select permissions to assign to this role. Clicking in the dropdown will display all available options which can be added.
-
Step 5 of 8
Once you have selected the permissions for the particular role, the next section allows you to Restrict these permissions to only be actionable against certain other roles in the system.
The box here will display all of the other roles which exist in the system. Selecting any of them will mean that the current role you are editing will only have its permissions against these other roles. If nothing is selected in this role restriction box then the current role will have those permissions against all other users in the system. -
Step 6 of 8
The next section allows you to set whether new external users can be created through invitations sent by other users of risr/advance. By default the only other way to create new users is for administrators to create a new account each time. This setting on the role page can be useful when you would like your end users to send their events on to people who may not already have an existing risr/advance account. Ticking the box shown below will mean that any event type which has a section filled in by this role can be sent to any external email address as well as an existing risr/advance user with that relevant role. When this new user responds to the invitation they will be asked to create a new account as part of the process.
The Allowed domains box enables you to limit the invitations which can be sent externally to only the domains which are listed here. When inviting someone external to respond to the next section of an event, only the domain(s) specified for this role will be accepted.
The allowed domains setting has no effect for users who already have an existing risr/advance account.Domains typed in this box do not need the @ symbol, and multiple allowed domains can be added by pressing return and typing out as a comma-separated list.
Note: If the option to allow new users to be invited is selected, then options relating to restriction by relations will not be available. This is because we cannot know which relation this new user should be assigned at the point of their account being created.
-
Step 7 of 8
You can set whether this role should be Restricted by relation. Here there are two options, the first is by relation hierarchy which when selected will display all of the relations already defined in the system. Selecting one of these will result in this role only having the defined permissions against other users of the system who have been assigned the same relation hierarchy as them.
The permissions will only take effect against other users who have been assigned a lower level in the same hierarchy.
The second option is by a one-to-one relation as a user dependent role. Selecting this option will mean that users with this role must be explicitly (manually) linked to other users of the system before any of the permissions will take effect against them.
-
Step 8 of 8
Save this role and it is now ready to be assigned to users of the system. This is done directly from the users list and can be done individually or in bulk (via the import tool).
Users can be assigned multiple roles and simply receive an aggregation of all of the permissions they are therefore given. This means they do not need to choose with which capacity they want to access the system.
An overview of role creation is available in the video below.
Comments
0 comments
Please sign in to leave a comment.