4.10. Roles

A role is a set of permissions that defines the actions a user can perform in the user interface. Separate lists of permissions are available for each type of resource in the user interface, such as users, reports and operating systems, and can be further filtered to restrict the scope of the permissions to resources that match certain criteria. Roles are applied to users and user groups.

4.10.1. Creating a Role

You can create roles for granting a custom set of permissions to users in the user interface.

Procedure 4.20. Creating a Role

  1. Click AdministerRoles.
  2. Click New Role.
    The New Role Window

    Figure 4.9. The New Role Window

  3. In the Name text field, enter a name by which to identify the role in the user interface.
  4. Click Submit.
You have created a role for granting a custom set of permissions to users in the user interface and must configure the permissions that role grants.

4.10.2. Adding Permissions to a Role

You can add new permissions to a role in the user interface to specify additional actions that users to which the role is assigned can perform.

Procedure 4.21. Adding Permissions to a Role

  1. Click AdministerRoles.
  2. Click New Role.
  3. From the Filters and permissions list for the role to edit, click Add permission to open the New Filter page.
    The New Filter Page

    Figure 4.10. The New Filter Page

  4. From the Resource type list, select the resource type to edit.
  5. From the list of permissions in the All items list, select the permissions to add to the role.
  6. Optionally, clear the Unlimited? check box and use the Search text field to specify a filter using search syntax.
  7. Click Submit.
You have added permissions to a role, and users to which that role is assigned can perform the actions that role defines.

4.10.3. Removing Permissions from a Role

You can remove existing permissions from a role.

Procedure 4.22. Removing Permissions from a Role

  1. Click AdministerRoles.
  2. Click the Filters and permissions list for the role to edit to open the Filters page.
  3. From the Edit list for the permission to remove, click Delete.
  4. Click OK when prompted.
You have removed permissions from a role, and users to which that role is assigned can no longer perform the actions defined by the permissions that were removed.

4.10.4. Removing a Role

You can remove existing roles from the user interface.

Procedure 4.23. Removing a Role

  1. Click AdministerRoles.
  2. From the Filters and permissions list for the role to remove, click Delete.
  3. Click OK when prompted.
You have removed a role, and the role is removed from all users to which it was applied.