Skip to main content

i4connected Knowledge Base

Role definitions

Abstract

Check out this article and learn more details about the role definitions and the settings that one can organize in order to influence their purpose.

A Role is an abstract definition having no effect until it is assigned, either directly to a user or indirectly to hierarchy nodes.

While defining a Role several aspects can be determined, concerning its behavior after assignment. Hence, we can distinguish the following Role settings:

Default Role

The Add / Edit Role panel allows the user to set a Role as "Is default". Hence, as soon as a new user is created, all default roles will be automatically assigned to that user.

As new users having no role assigned are restricted from accessing the system, this set comes in handy by automatically providing them with a minimum amount of permissions.

Warning

The default roles are NOT automatically assigned to already existing users. ONLY new users will be assigned to these roles.

Most commonly, the Is default setting is combined with the Front-end role setting. However, these roles need to be assigned to the default portal page. Otherwise, the user will still be restricted from accessing the system.

Tip

For more details about i4connected Pages management, please also visit the articles here.

Privileged Role

Roles can provide a set of special rights to the assigned users when the "Is privileged" setting is enabled. Typically, privileged roles have super-user rights, hence only users that have privileged roles assigned can create or modify privileged roles. Non-privileged users will not be able to modify privileged roles.

Note

The users having a non-privileged role assigned, that has the "Configure privileged security" permission enabled, will be considered as privileged.

Role Type

Further on, at the level of role definition, a Role can be scoped either as Front-end or Function role.

The Front-end role is a hard-coded permission set that grants the user having this role assigned, with the possibility to log into the system. Hence, when enabling the Front-end role setting, the list of permissions will be hidden from the Add / Edit role panel.

As indicated earlier, the Role definitions having the Front-end role setting enabled are usually also set as default.

On the other hand, the Function role is fully customizable allowing the system administrator to enable any of the listed permissions.

Based on the selected permissions, the user having a Function role assigned will be allowed or restricted to process various actions in the system.