Roles and Permissions are a major security feature of IncidentAnalytix. Permissions control access to each Page in the Web Application and any Actions associated with that page. This gives you granular control over whether a User can View a Page, Add a new record, Edit a record, Delete a Record, View the Summary, etc.
Permissions exist on two levels:
- Role Level
- User Level
We strongly recommend that you set all Permissions at the Role level. It is much easier to create one or more Roles and then assign your Users to the appropriate Role. A User may also be assigned to more than one Role, in which case they are given the broadest access granted across those Roles.
For example: User A has Role 1 - Incident Data Entry, which can only enter a new Incident. User A also has Role 2 - Data Analytics Viewer, which can view the Analytics Dashboard. That means that User A will have access to the Dashboard because of Role 2, even though Role 1 specifically denies them access to the Dashboard.
Permissions applied at the User level take precedence over permissions assigned at the Role level. In the example above, if User A is assigned only to Role 1, they would not have access to the Dashboard. However, if User A is granted permission to view the Analytics Dashboard under the User Permissions, they would be able to view it. The disadvantage of granting Permissions at the User level is that it is too easy to forget what Permissions each User has been given, and you would need to look at each User Profile. That is why we strongly recommend that you set all Permissions at the Role level.
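The precedence rules above can be worked through in a short script that also lists every User-level grant, so they do not have to be found by opening each User Profile. This is an added example, not IncidentAnalytix code: the data layout, permission strings and function names are hypothetical, and User-level permissions are modelled as grants only, since that is the only case this page describes.

```python
# Constructed sample data: the layout and permission strings are illustrative,
# not an IncidentAnalytix export format.
ROLES = {
    "Incident Data Entry": {"Incident:Add"},
    "Data Analytics Viewer": {"Dashboard:View"},
}
USERS = {
    "User A": {"roles": ["Incident Data Entry", "Data Analytics Viewer"],
               "user_grants": set()},
    "User B": {"roles": ["Incident Data Entry"],
               "user_grants": {"Dashboard:View"}},
    "User C": {"roles": ["Incident Data Entry"],
               "user_grants": {"Incident:Add"}},
}

def role_permissions(user, roles=ROLES):
    """Union of every assigned Role's permissions (broadest access wins)."""
    perms = set()
    for name in user["roles"]:
        perms |= roles.get(name, set())  # an unknown Role name grants nothing
    return perms

def effective_permissions(user, roles=ROLES):
    """Role union plus User-level grants, which apply regardless of Role."""
    return role_permissions(user, roles) | user["user_grants"]

def audit_user_level_grants(users=USERS, roles=ROLES):
    """Return (user, permission, status) for each User-level grant.

    'extends' means no assigned Role gives this access; 'redundant' means a
    Role already covers it and the User-level grant could be removed.
    """
    findings = []
    for name, user in sorted(users.items()):
        from_roles = role_permissions(user, roles)
        for perm in sorted(user["user_grants"]):
            status = "redundant" if perm in from_roles else "extends"
            findings.append((name, perm, status))
    return findings

if __name__ == "__main__":
    for name, user in USERS.items():
        print(name, sorted(effective_permissions(user)))
    for finding in audit_user_level_grants():
        print("user-level grant:", *finding)
```

Grants reported as `extends` are the ones worth reviewing first, because they give access that no Role assignment explains.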
1. Create one or more Roles
Before you start to add Users, create one or more Roles.
- Add a Name for the Role
- Set whether this Role should be the Default for New Users
- Assign Permissions to the Role
2. Add Permissions to the Role
By default, a new Role has no Permissions: all of the boxes are unchecked. To add a Permission, check the box next to each Page/Action that you want Users in this Role to be able to perform.
In this example, the Role has been given Permission to access the following Contributing Factors pages for an Incident:
- Add page - for the Add Action
- Delete page - for the Delete Action
- Details page - for viewing an individual record
- List page - for viewing all of the Contributing Factors for an Incident.
The User has not been given Permission for the Summary page.
The Permission controls both Security and the User Interface. If Permission is not granted, the User will not see the item in the Sidebar. It also controls security access to the URL. If the User tries to type the URL into the browser, they will be taken to a page that says 'You do not have Access to this Resource.'
Screenshots: Sidebar with Permission Granted; Sidebar with Permission Not Granted
You can see how powerful Roles and Permissions are for managing access and security for your Users. You can add, edit, or delete Roles at any time, as well as change the Permissions within a specific Role.
This video presents an overview of using Roles and Permissions and how you can enforce granular security in your application.