Roles and Permissions allow administrators to permit or deny actions for specific users and or groups. Once you have an understanding of the Roles it is time to assign them to a user.
Edit a User's Role:
- Click Administration on the top menu.
- Select Users.
- Select a user in the User Administration screen so that it is highlighted in blue.
- Right-click and select Edit User's Roles (or double-click to open User Roles).
- Assigned Roles on the left is a list of all the roles that are currently assigned to the user.
- Resolved Permissions / Access on the right is a tree view showing how the permissions end up after all the roles are merged. Click on each Plus(+) to expand and see each permission and whether granted or blocked.
If role permission is explicitly denied then that permission will resolve to Denied (Red X) no matter how many roles are assigned to the user that explicitly grants that permission.
NOTE: We recommend avoiding explicitly denying permission in the role. (This will allow more flexibility when combining roles.)
Notice that in the Resolved Permissions list nothing is left as Indeterminate. If permission has been specifically granted by a role and no other role specifically denies it, then it will be granted to the user. Otherwise, it will be denied. If the permission has not been granted by a role, then it is ultimately denied.