Difference between revisions of "Manage Roles"
Tim Peeler (talk | contribs) |
Tim Peeler (talk | contribs) |
||
| (10 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | == Managing Roles Available to Your | + | ==== '''Explanation''' ==== |
| − | + | ===== '''Managing Roles Available to Your Business''' ===== | |
| + | |||
[https://profitnavigator.net/ '''Profit Navigator'''] uses a authorization system called ''Access Control Lists''. This system | [https://profitnavigator.net/ '''Profit Navigator'''] uses a authorization system called ''Access Control Lists''. This system | ||
is designed to provide the highest flexibility in restricting access to your business' financial data. As an | is designed to provide the highest flexibility in restricting access to your business' financial data. As an | ||
[[Alliance Partner Role|'''Alliance Partner''']] or [[Business Owner Role|'''Business Owner''']] you have the right to create any new | [[Alliance Partner Role|'''Alliance Partner''']] or [[Business Owner Role|'''Business Owner''']] you have the right to create any new | ||
| − | role you wish and provide [[Create Permission|'''Create''']], [[Read Permission|'''Read''']], [[Update Permission|'''Update''']], [[Delete Permission|'''Delete''']], [[User Permission|'''User''']] or [[Facilitator Permission|'''Facilitator''']] | + | role you wish and provide [[Create Permission|'''Create''']], [[Read Permission|'''Read''']], [[Update Permission|'''Update''']], [[Delete Permission|'''Delete''']], [[User Permission|'''User''']] or [[Facilitator Permission|'''Facilitator''']] [[ACL Role Permissions System|'''Permissions''']] for these roles. |
| + | |||
| − | + | ===== '''Core Roles''' ===== | |
| − | Certain | + | Certain [[Core Roles|'''Core Roles''']] are already available to you if you do not wish to manage unique roles for your business and in fact, there are special permissions that can not be granted to roles that you create for certain core roles. These core roles are: |
| − | special permissions that can not be granted to roles that you create for certain core roles. These core roles are: | ||
* [[Guest Role|'''Guest''']] | * [[Guest Role|'''Guest''']] | ||
* [[System Admin Role|'''System Admin (Special Permissions)''']] | * [[System Admin Role|'''System Admin (Special Permissions)''']] | ||
* [[Alliance Partner Role|'''Alliance Partner (Special Permissions)''']] | * [[Alliance Partner Role|'''Alliance Partner (Special Permissions)''']] | ||
* [[Business Owner Role|'''Business Owner (Special Permissions)''']] | * [[Business Owner Role|'''Business Owner (Special Permissions)''']] | ||
| + | * [[Senior Leadership Role|'''Senior Leadership Role''']] | ||
* [[Editor Role|'''Editor''']] | * [[Editor Role|'''Editor''']] | ||
* [[Authorized User Role|'''Authorized User''']] | * [[Authorized User Role|'''Authorized User''']] | ||
| Line 20: | Line 22: | ||
* [[Sales Associate Role|'''Sales Associate (Special Permissions)''']] | * [[Sales Associate Role|'''Sales Associate (Special Permissions)''']] | ||
* [[Direct Reports Role|'''Direct Reports''']] | * [[Direct Reports Role|'''Direct Reports''']] | ||
| + | * [[Team Leader Role|'''Team Leader (Special Permissions)''']] | ||
| + | * [[Team Scribe Role|'''Team Scribe (Special Permissions)''']] | ||
| + | * [[Team Member Role|'''Team Member (Special Permissions)''']] | ||
* [[Alliance Member Role|'''Alliance Member (Special Permissions)''']] | * [[Alliance Member Role|'''Alliance Member (Special Permissions)''']] | ||
* [[Alliance Facilitator Role|'''Alliance Facilitator (Special Permissions)''']] | * [[Alliance Facilitator Role|'''Alliance Facilitator (Special Permissions)''']] | ||
| − | |||
| − | Each of these roles | + | ===== '''Core System Roles and Special Roles''' ===== |
| − | The special roles have specific restrictions and permissions and as such may not be assigned except by members who possess | + | |
| + | Each of these roles is defined by the '''Core System''' and are not editable. You may assign any core role to any members of your business. The special roles have specific restrictions and permissions, and, as such, may not be assigned except by members who possess the correct credentials for assigning restricted permissions. The correct credentials are defined as either having, yourself, been assigned a restricted permission role, or having the [[System Admin Role|'''System Admin Role''']]. | ||
| + | |||
| + | |||
| + | |||
| + | ==== '''Instructions''' ==== | ||
| + | ===== '''Editing Roles''' ===== | ||
| + | |||
| + | |||
| + | When editing roles for your business, at the bottom of the list of core roles (and any custom roles created for your business) is a button that will allow you to create a new role. When you click that button a new role will be created for your business and the role editor will appear. | ||
| + | |||
| + | ===== '''Changing the Title of Roles''' ===== | ||
| + | |||
| + | Change the title of the role to any meaningful name. For example, if you wanted to create a role that only has access to enter monthly data, you could call the role "''Monthly Data Entry Manager''". You can also provide a description to help you remember what you want members with this role to do for you. It is suggested that you provide this description to help others who have access to your roles system understand what this role is for. | ||
| + | |||
| + | ===== '''Creating New Roles''' ===== | ||
| + | |||
| + | Below the name and description is a large list of navigation items. The list will contain every navigation item (''URI'') that '''YOU''' have access to. Beside each navigation item are the available permissions you can provide (note that some permissions have no effect on certain pages). Using the example above for the "''Monthly Data Entry Manager''" role, you will need to provide that role with [[Read Permission|'''Read''']] to the [[Planning|'''Planning''']] section. You will also need to provide that role with [[Create Permission|'''Create''']], [[Read Permission|'''Read''']] and [[Update Permission|'''Update''']] for the [[Monthly Data Entry|'''Monthly Data Entry''']] page. | ||
| + | |||
| + | Once you have finished granting the permissions to the newly created role, you will need to [[Rebuild Role Maps|'''Rebuild your Role Maps''']]. For safety, you should only rebuild your business' role maps after you have completely defined your new roles. | ||
| + | Once you have created your new role and granted the permissions you want to provide to that role, you can then assign that role to any member of your business and they will have the new permissions granted to that role. | ||
| + | |||
| + | ===== '''Multiple Roles''' ===== | ||
| − | + | Every member of your business can have multiple roles assigned to them which is described in more detail in [[Manage Business Credentials|'''Manage Business Credentials''']]. When you assign roles to members of your business, be aware that you are granting | |
| + | access to '''ALL''' the pages with '''ALL''' the permissions assigned to each role. For example, if the "''Monthly Data Entry Manager''" does not have access to your [[Preset GAAP KPIs]], and you created and assigned both of these roles to one of your members, then that member will have access to both the [[Monthly Data Entry]] page as well as the [[Preset GAAP KPIs]] pages with the highest level of permissions assigned to either role. | ||
| − | + | ===== '''Deleting Roles''' ===== | |
| − | + | You may also delete any role you have created at any time, however be aware that when you delete a role that you have created anyone with that role attached will lose the permissions granted to them through that role. If a member of your business does not have any other role assigned to them when you delete their role, they will completely lose access to your business and you will have to contact the help-desk to restore their access. So when you plan on deleting a role you have created, it is best to assign the [[Guest Role|'''Guest Role''']] to those users before deleting the role. | |
| − | |||
| − | |||
| − | + | ==== '''For Advanced Learners''' ==== | |
| + | ===== '''Help''' ===== | ||
| + | If you find that the [[Core Roles|'''Core Roles''']] are insufficient in providing you with the access restrictions you need and you are uncomfortable with creating new roles, [https://profitnavigator.net Profit Navigator] [[System Admin Role|System Administrators]] will be able to define roles according to your business' specific needs. | ||
Latest revision as of 18:28, 19 March 2020
Contents
Explanation
Managing Roles Available to Your Business
Profit Navigator uses a authorization system called Access Control Lists. This system is designed to provide the highest flexibility in restricting access to your business' financial data. As an Alliance Partner or Business Owner you have the right to create any new role you wish and provide Create, Read, Update, Delete, User or Facilitator Permissions for these roles.
Core Roles
Certain Core Roles are already available to you if you do not wish to manage unique roles for your business and in fact, there are special permissions that can not be granted to roles that you create for certain core roles. These core roles are:
- Guest
- System Admin (Special Permissions)
- Alliance Partner (Special Permissions)
- Business Owner (Special Permissions)
- Senior Leadership Role
- Editor
- Authorized User
- Sales Manager (Special Permissions)
- Sales Associate (Special Permissions)
- Direct Reports
- Team Leader (Special Permissions)
- Team Scribe (Special Permissions)
- Team Member (Special Permissions)
- Alliance Member (Special Permissions)
- Alliance Facilitator (Special Permissions)
Core System Roles and Special Roles
Each of these roles is defined by the Core System and are not editable. You may assign any core role to any members of your business. The special roles have specific restrictions and permissions, and, as such, may not be assigned except by members who possess the correct credentials for assigning restricted permissions. The correct credentials are defined as either having, yourself, been assigned a restricted permission role, or having the System Admin Role.
Instructions
Editing Roles
When editing roles for your business, at the bottom of the list of core roles (and any custom roles created for your business) is a button that will allow you to create a new role. When you click that button a new role will be created for your business and the role editor will appear.
Changing the Title of Roles
Change the title of the role to any meaningful name. For example, if you wanted to create a role that only has access to enter monthly data, you could call the role "Monthly Data Entry Manager". You can also provide a description to help you remember what you want members with this role to do for you. It is suggested that you provide this description to help others who have access to your roles system understand what this role is for.
Creating New Roles
Below the name and description is a large list of navigation items. The list will contain every navigation item (URI) that YOU have access to. Beside each navigation item are the available permissions you can provide (note that some permissions have no effect on certain pages). Using the example above for the "Monthly Data Entry Manager" role, you will need to provide that role with Read to the Planning section. You will also need to provide that role with Create, Read and Update for the Monthly Data Entry page.
Once you have finished granting the permissions to the newly created role, you will need to Rebuild your Role Maps. For safety, you should only rebuild your business' role maps after you have completely defined your new roles. Once you have created your new role and granted the permissions you want to provide to that role, you can then assign that role to any member of your business and they will have the new permissions granted to that role.
Multiple Roles
Every member of your business can have multiple roles assigned to them which is described in more detail in Manage Business Credentials. When you assign roles to members of your business, be aware that you are granting access to ALL the pages with ALL the permissions assigned to each role. For example, if the "Monthly Data Entry Manager" does not have access to your Preset GAAP KPIs, and you created and assigned both of these roles to one of your members, then that member will have access to both the Monthly Data Entry page as well as the Preset GAAP KPIs pages with the highest level of permissions assigned to either role.
Deleting Roles
You may also delete any role you have created at any time, however be aware that when you delete a role that you have created anyone with that role attached will lose the permissions granted to them through that role. If a member of your business does not have any other role assigned to them when you delete their role, they will completely lose access to your business and you will have to contact the help-desk to restore their access. So when you plan on deleting a role you have created, it is best to assign the Guest Role to those users before deleting the role.
For Advanced Learners
Help
If you find that the Core Roles are insufficient in providing you with the access restrictions you need and you are uncomfortable with creating new roles, Profit Navigator System Administrators will be able to define roles according to your business' specific needs.
