Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Info

Roles are configured in Setup / Users & Accounts / Users / Roles

In Guides in this article:

Overview

Roles are assigned one or more role groups to determine the permissions that a role is granted. Once roles are set up they can be assigned to users in order to impart the needed permissions to that user.

In the event role groups assigned to a role have opposing settings (one role group grants read rights to a screen and another does not grant read rights to the screen) the role group that enables the permission will take precedence.

As of version 10.5.0 the system is configured with four roles (Read Only Core, Admin, API Admin and API ReadOnly). These roles use core role groups to define their permissions. These default core roles cannot be modified or deleted.

Prerequisites

  • Role groups must be setup in order to assign permissions to roles.

Roles Panel

The Roles panel on the left of this screen allows you to select existing roles to view and edit on the Edit Role panel to the right. Actions are also available in this panel which are shown as icons above the Filter text box. The available actions are described below.

Actions

Icon

Description

Image Modified

Deletes the role if not in use

Image Modified

Adds a new role

Edit Role Panel

The information in this panel reflects the currently selected role. From here you can change role details (fields will display a red left border if a value is required and purple text if the field is read-only and cannot be modifiednote: fields with a magenta left border are required).

Role Fields:

  • Name: a descriptive name for the role (administrator, account manager, etc.)

  • Type: indicates if the role provides permissions to access the Application UI (AdminPortal) or provides API permissions. A role can only be setup with either the ‘Application’ or ‘API’ role group, a role cannot be configured with both types of role groups

  • SCIM Role: used in systems integrated for single sign-on access. This setting indicates that the role was created when a group was pushed from an identity provider portal to LogiSense Billing. The role group created for the SCIM Role will have the SCIM Default role group permissions assigned to it (see the role groups screen help for details on the SCIM Default role group setting). SCIM Roles can be renamed as needed to provide a meaningful role name, but other settings cannot be modified (e.g. adding or removing role groups assigned to the role). Changes to the permissions on the SCIM role can be performed as normal by editing the role group permissions for the role group attached to the SCIM role 

Role Groups tab

On this tab you can view, add and delete role groups which define the permissions granted to the role. You can only select role groups that match the role type (e.g. if the role Type is set to ‘API’ then only role groups configured with the Type ‘API’ will appear in the Role Groups drop down field).

References tab

This section indicates where the selected role is in use within the system. A Filter References field is present which allows you to filter down to the see references that you wish to seerelated to a particular system entity. The Entity Filter will be disabled when viewing a core role group.

...

Adding Roles

  1. Under the Roles heading on the left click the (blue star) icon

  2. Under the Add Role heading on the right specify the role name

  3. On the Role Groups tab select

...

  1. one or more role groups that you wish to assign to the role and click + Add

  2. Click Save

...

Editing Roles

  1. Under the Role heading on the left click the role you wish to edit

  2. Under the Edit Role heading on the right modify the role

...

  1. Name if desired

  2. On the Role Groups tab add or remove the desired role groups to modify the permissions granted to the role

  3. Click Save when you have finished making changes

...

Deleting Roles

Info

Note: The core roles that come with the application (Read Only Core, Admin, API Admin and API ReadOnly) cannot be deleted.

  1. Under the Roles heading on the left select the role you wish to delete

  2. Under the same Roles heading click the (blue star) icon

  3. On the confirmation dialog that appears select Yes