Creating Security Roles

Configuring a security role is a two-step procedure:

1 Add the security role

  1. From the menu, click Security > Security Roles. The Security Roles List page opens.
  2. At the top-right corner of the page, click the Insert icon. The Add Security Role page opens.
  3. In the Name field, type a name for the new security role.
  4. At the top-right corner of the page click the Save and reload icon. The Edit Security Role page opens.

Now you can start adding security items .

2 Assign security items to the security role

Security items specify the entities and the privileges (CRUD operations on those entities) that the security role grants access to.

Users assigned with a security role will be able to perform only the CRUD operations on entity records assigned in the security items.

To add a security item, follow these steps:

  1. From the Security Items section, click the Insert button. The Add Security Role Item page is displayed.
  2. In the Entity field, type the entity name or click the down-arrow and select it from the list.
  3. In the Security Scope field, type the level of access or click the down-arrow and select it from the list:
    UserPrivileges to the records owned by the user or assigned to the user.
    ParentalPrivileges to all records owned in the business unit to which the user belongs to, including privileges to the records owned in the child business units.
    Business UnitPrivileges to all records owned in the business unit to which the user belongs to.
    OrganizationPrivileges to all records in the organization regardless of their owner.
  4. In the Operations field, select the record-level privileges (CRUD operations) for which you want to assign permissions. You can choose one or more of the following:
    ReadAllows users to view records.
    UpdateAllows users to update records.
    InsertAllows users to add new records.
    DeleteAllows users to delete records.
  5. Click the Save and reload icon at the top right corner of the screen.
  6. If your security role item is an entity with attributes tagged as isSecurable, you can use the Permissions for secured attributes table at the bottom of the page to set the Create, Read, and Update permissions for the entity's secured attributes:
    Restricted (default)Prevents access to the attribute.
    AllowAllows access to the attribute.
    Explicit denyPrevents access to the attribute even if another security role allows access.

  7. Click Save and close at the top right corner of the page.

Repeat the process for additional security items you wish to assign to the security role.