Adding a role template (Standard UI)

You can add a role template to define application permissions.

The Role Template wizard guides you through creating a new role, selecting object types for inclusion or exclusion, and setting security on the selected object types.

Role template names are not localizable.

Note: Users who have roles that are assigned to a context security point within the Business Entity level only have only navigation access to the parent Business Entity. If users require the ability to view or modify the details of a parent Business Entity, then you must use an entity-based role template to grant explicit Read and/or Write permission to users at an entity security point.

Procedure

  1. Ensure that System Admin Mode is disabled.
  2. Click Administration > Role Templates.
  3. On the Role Templates tab, click Add to open the Add Role Template wizard.
  4. On the Specify Role Details page:
    1. In the Name box, type a name for the role. For example, Tester01.
    2. In the Description box, optionally type a brief description of this role.
    3. Click the Role Type arrow, and select the type of security context point you want from the list.
      Note: If only one security context point type (such as Business Entity) is defined for your system, this is the only value in the list. Security context point types are derived from the security model in effect for your installation.
    4. Click Next.
  5. On the Specify Access Controls page:
    1. Select the check box next to each object type for which you want to configure folder permissions. For example, if you wanted to configure permissions for Risk and Test objects, you would select SOXRisk and SOXTest.
      Note: To select all object types, select the check box in the Name column.
    2. In the row for each selected object type, select a setting value for each permission (Write, Delete, and Associate). By default, Read is always set to Granted, and all other permissions are set to Unspecified.

      For setting details, see Role-based access control permissions.

    3. Click Next.
  6. On the Specify Permissions page:
    1. Select the application permissions that you want to assign to this role template. For a description of the various application permissions, see Types of application permissions.
    2. Click Finish. The new role is listed on the Role Templates page.
  7. To assign the role to a user or group, see Assigning a role to a user or group (Standard UI).