Viewing Existing User Roles

To view the existing User Roles:

  • Select User Roles within System Security.
  • To view the User Role Rights, select the User Role quick reference or use the Open Folder icon.

User Role Details:

The User Role Details screen shows the name, description and quick reference of the User Role, as well as an Advanced section which allows you to limit the assignment of the User Role in question to certain Users only, via basic or complex formulae.

The latter could be quite useful should you want to set up different access rights for your Administrators. For instance, you may want to grant full Administrator access to certain teams from certain countries or divisions, but only partial Administrator access to your other teams. This can be achieved by setting up separate User Roles for every type of access (full or partial) and by entering the appropriate formulae on the User Role Details screen. Select the Show option and type in your formula in the text box displayed on screen.

A formula will usually consist of a variable (i.e. the quick reference of the field), an operator, such as equals, which is entered as ==, and a value within double quotation marks. The value can be the range of the variable or the actual description, depending on the variable elected. The variable will sometimes need to be preceded by a prefix to indicate the type of Entity it relates to (for example, User if related to Users or Person if related to Companies, Individuals or Other Entities).

For example in the screenshot above, the formula entered in the text box (User.USERPARTNER=="US") will only allow you to assign that User Role to Users from the US Division (in this case the team with full Administrator access to Diligent Entities). Should someone try to assign this to Users from other Divisions/Partners (for example, teams who should not be granted full Administrator access), they will not be able to save their changes and will get an error message, as demonstrated below.

Note

For the above restriction to work, you will need to ensure that the Division/Partner in question has been created (see the System Customisation User Guide for more details). You must also make sure that the appropriate Division/Partner has been selected for all your Users under User Preferences > Contact.

For a full list of the access rights applicable to the User Role in question select Next.