Roles and Permissions allow administrators to permit or deny actions for specific users and or groups. Once you have an understanding of the Roles it is time to assign them to a user.
- Click Administration.
- Select Users.
- Select a user in the User screen
- Right-click and select User Roles.
Assigned Roles on the left is a list of all the roles that are currently assigned to the user.
Resolved Permissions / Access on the right is a tree view showing how the permissions end up after all the roles are merged.
If role permission is explicitly denied then that permission will resolve to Denied no matter how many roles are assigned to the user that explicitly grants that permission.
NOTE: We recommend avoiding explicitly denying permission in the role. (This will allow more flexibility when combining roles.)
Notice that in the Resolved Permissions list nothing is left as Indeterminate. If permission has been specifically granted by a role and no other role specifically denies it, then it will be granted to the user. Otherwise, it will be denied. If the permission has not been granted by a role, then it is ultimately denied.