Role Manager is used to designate what sections in the Admin module a certain user can see. For example, if your company has a team of auditors that are only allowed to see the Utilities and nothing else, you can create a role that will allow them to do that. When that user logs in to Admin, they will not see the full menu. They will instead see an abbreviated version based on the criteria selected in Role Manager. Also, the Role Manager gives the ability to duplicate already created roles which can then be edited or set to read only. Users, who are assigned to the read only role, will be able to see everything that the duplicated role could, but will not be given the ability to add, modify or delete.
Quick Demo of Admin Roles
To set up a role:
- Go to Admin
- Expand Security
- Click on Role Manager
- Click on Add
- Enter a name for this role in the Name field (this is the only required field). For example, you could call it "Audit" for the auditors.
- Select an Operating Unit, Department, or My Group if this role will be restricted to any of them.
- Click Save
- Notice that the split screen opens up and a new tab appears called Access List. Click on Access List.
- Click on Add (the one for Access List).
- Select the items that the user will be able to see from this list (Notice there is more than one page).
- For Example, if I want to create a role for those auditors where they can only search and view expense reports, I would select the following:
- util - ExpenseSearch
- For Example, if I want to create a role for those auditors where they can only search and view expense reports, I would select the following:
- Click OK
- After the role is set up, you just need to assign it to the users that are going to be in that role.
- Employee.AdminRole.ReadOnly - Role allows user full admin access to Add, Modify and Delete, but restricts the ability to give or modify users 'Admin Role'.
- Employee.TEAccess.ReadOnly - Role limits employee time and expense right to 'Read Only'.
Duplicating a role for 'read only' access:
- Go to Admin
- Expand Security
- Click on Role Manager
- Select a already created role
- Click Duplicate
- Check the Read Only check-box
- Click Save
To assign a role:
- Expand Organization
- Click on Employee
- Find the employee you want to belong to this new group.
- Make sure the box next to Admin Role is checked (on the employee tab). Note that the T&E Access does not have to say "Main Administrator" for this to work.
- Click Save.
- Once the Admin Role box is checked, two new tabs will appear on the split screen called "Admin Info" and "Admin Roles". Click on Admin Roles.
- Check the box next to "Administrators" and then click Delete (this is a default role that gives users access to all of Admin so we don't need it selected for this particular user if we're limiting them)
- Click Add
- Select the role that you set up (in the example, it was called "Audit").
- Click OK.
- The user is now set up with that role so they will only see the role selected when they access admin. Again, for example, the "Audit" will only see Expense Search. They will not be able to validate, approve, delete, or any other actions that were selected.