Roles control access to features and capabilities of the system: not all users can create, read, update, and delete records and tables. Only admin and security_admin roles have access to all capabilities.
Generally, a user inherits a role from the group assigned. Refer to theGroup Role article to learn more about it.
Create a role
Role required: security_admin.
To create a role, follow the steps below:
Navigate to User Administration → Roles.
Click New and fill in the form.
Click Save or Save and Exit to apply changes.
Role form fields
Field
Mandatory
Description
Name
Y
Enter a name to a role created.
Elevated Privilege
N
Check this box to make this role available for an elevation inUser Menu.
Description
N
Enter a brief description of this role.
Configuring roles
You can configure out-of-box roles and the access they have by:
creating ACL rules. They allow or restrict access to specific objects and operations.
creating User Criteria records that define access conditions to specific objects, content items and categories.
setting the access to the portal or the agent interfacewithin Portal Context.
creating Business Rules to control updates, insertions, and deletion of records.
If you want a specific role to have access to objects that other roles have access to, you can set it within theRole Contains(sys_role_contains) table.
Navigate to the role record that you need.
In the Related Lists area open the Role Contains tab.
Click New and fill in the fields.
Click Save or Save and Exit to apply changes.
Role Contains form fields
Field
Mandatory
Description
Role
Y
Specify a role that you want to be extended.
Contains
Y
Specify a role that will be an extension.
As a result, the role will have its settings with the settings of the other role it contains. Refer to the Role Structure article to learn more about role powers and responsibilities.
