Roles and rights
You need the Roles and Functionalities permission to access this chapter. Permissions are managed from the Roles and rights chapter namely, from the functionalities card of a users role.
Roles and rights
The Roles and rights chapter in Admin Suite provides an overview of all currently configured roles and the possibility to edit or create new ones.
Clicking an existing role or the '+' icon opens up the respective create/update card.
General details
The Name and Code of the role (user-specified). For any user-created role, the General details card also features a Deactivate after field. This field lets you set an automatic deactivation of the user with this role after not logging in for a certain amount of days. If this happens, the user will be informed of the deactivation through a popup during login.
Functionalities
All available permissions are listed here under the functionalities card. A corresponding brief description of each permission is also provided. Here is where you can grant, limit, or manage rights based on a users role.
You can refine the list of permissions using the search field using name or category. You can also click the i icon under the Actions column to get an overview of which setting(s) are linked to that permission.
If a permission is greyed out, that means your own role does not have the necessary permission to give it to someone else.
Elevation
In addition to permissions, EVA allows for elevated permissions. The fundamental essence of elevation is that you can give specific users partial permissions to conduct a task however, one that requires validation/authorization from another user with a role that has a complete permission to perform it.
You can enable this elevation per permission by double-clicking the Manage column or any other column you want to apply elevation to. An Orange sign signals that the permission requires elevation. Click Done after this to save your changes.
Modules
The Admin Suite modules are listed here, allowing you to control which modules a role can access. By default, all module access statuses are set to Inactive.
You need to have the permission ModuleRoles in order to use this feature. Permissions are managed from the Roles and rights chapter namely, from the functionalities card of a users role.
Download employee roles
In the Roles and rights chapter, you can download a list of all your employees and their currently assigned roles. After you click the download button, an Excel file will download with all the information.
Role sets
Role sets can be created and edited from Admin Suite People module. Role sets is an easy way to attach a selection of available roles to specific organization units, that way you can assign swiftly assign them to employees tagged under those organization units. In the Employees chapter, those roles will appear in the drop-down list of available role sets of that organization unit. This is managed from the Advanced information card of an organization unit.
This functionality can be used to prevent assigning roles to an employee that would give them a wide range of permissions above the level they would need to perform their duties.
Creating and editing role sets
The initial overview displays all available role sets (if any). Further, creating a new one or editing an existing can also be done from the initial overview.
Creating is simply done using the '+' icon (top right corner). Give it a Name and click Create to proceed, you'll then be prompted with additional cards where you can now attach roles and specify the organization units where such role sets could be used.
Clicking Done concludes the process and saves your work.
Editing is quite similar, simply click the role set you wish to edit, and you'll be presented with the same cards Name, Attached roles and Organization units.
Once the desired changes are made click Done to conclude and save your changes.
To access this chapter, you'll need the RoleSets permission. Permissions are managed from the functionalities card of a users role.