Roles
General
Roles are groups of user authorisations and can later be assigned to one or any number of users.
Roles marked as “Is System” cannot be changed or deleted. They serve as templates for creating your own profiles with customised rights.
In addition to the predefined roles for creating further customized roles, there are also functional roles:
WebAPI: If data exchange between systems is to take place
SystemMonitoring: Can perform queries on system performance
A user can also be assigned multiple roles with different authorisations. The authorisations of the individual roles are then cumulated for the user.
Input options
Button | Description |
|---|---|
 | Opens a role and displays all authorisations assigned to this role. |
 | Duplicates the opened role. |
 | Opens the editor of a role. System roles cannot be subsequently customised. |
 | Deletes the open role. |
Individual user roles can be created and customised using a copy of a system role. In contrast to system roles, individual user roles are not overwritten after an update.
Duplicate role
The new role must be given its own unique name. A description can also be added if required.
The rights of this new role can now be customised as required.
Authorisation trees can be expanded with [+] and collapsed with [-].
If a ‘tick’ is placed in a checkbox, the authorisation is active for this user. If the checkbox is empty, this authorisation for the role is inactive and users with this role cannot access the menu or function.
The new role is created with the ‘Duplicate’ button and the role creation is cancelled with ‘Cancel’.
If the checkbox is set/removed for an authorisation tree, this is applied to all points subordinate to this authorisation tree.
Permitted clients
Specifies for which clients the data (lists, articles, inventories, etc.) may be displayed.
If there is no entry under “Permitted clients,” all clients are permitted.
This is how client restriction behaves when a user has multiple roles with different “Permitted clients”:
Scenario | Results | |
|---|---|---|
| 1 | The user only has one role without client restrictions. | The user can see the data for all clients. |
| 2 | The user only has one role with the “Allowed clients” client A. | The user can only view data for client A. |
| 3 | User has role X with “Allowed clients” client A and role Y with “Allowed clients” client B. | The user is permitted to view the data for clients A and B. |
| 4 | The user has role X without client restrictions and role Y with the “Allowed clients” client A. | The user can see the data for all clients. |
| 5 | The user has role X without client restrictions, role Y with the “Allowed Clients” Client A and Client B, and role Z with the “Allowed Clients” Client A. | The user can see the data for all clients. |
→ back to COGLAS processes
→ back to COGLAS menu