LG5-11: Role Security Levels

Domain (Account) Administrators and Security Administrators can create as many User Roles as required in order to group users into appropriate functions of Responsibility. Each Role however must be assigned to one of the available Security Levels listed below. Security Levels determine which functions the users assigned to the Role can perform. 

  • Account (Domain) Administrator (AA)
  • Security Administrator (SA)
  • Activity Manager (AM)
  • Work Scheduler (WS)
  • Workflow User (WU)
  • User (U)

The table below shows the actions that can be performed by each of the Security Levels. 

Area Action AA SA AM WS WU U
User Settings Change display Language of user profile
  Edit own name, email, job title, phone no., time zone
  Upload own user picture
  Upload user picture to other user account        
  Edit other users name, email and other details        
  View user account information (associated Roles and Role security level) ● 
  Deactivate a User Account        
  Reactivate a User Account        
Dashboard Move and resize own dashboard widgets
  Add and remove own dashboard widgets
Dashboard Widgets (shortcuts) Assets
  Business Intelligence      
  Invite Team        
  My Account
  My Tasks  ●
  Welcome Message
Dashboard Widgets (dynamic) Activity Snapshot      
  Approvals      
  Busiest People    
  Current Work and Status    
  My Activities ● 
  Team Activity        
  Work Completed      
  Work Completed by Tag      
  Work Completed this week      
  Work Outstanding    
  Work Sent      
  Approvals I Manage      
  Progress of Work I Manage      
Managing Work Complete tasks assigned to self ● 
  Transfer any task from any user to any user***      
  Transfer own tasks to other users***  ●
  Add a note to a task
  'Take' a task assigned to a role the user is associated to, removing the task from other role members task list  ●
Absence Manager* Schedule a task auto-redirect using the absence manager  ●
  Edit a scheduled absence  ●
  Delete a scheduled absence  ●
  View past absences  ●
Assets and Libraries Create a new asset library          
  Assign asset library security          
  Edit any asset library          
  Delete an asset library          
  View all asset libraries          
  Upload an asset to any library          
  Download multiple assets from the basket (compressed) ● 
  Create an adhoc asset approval from the asset page    
  Send assets from basket on an adhoc approval    
  Perform an adhoc asset revision comparison ● 
  Perform an adhoc asset comparison using assets associated to a common activity/workflow ● 
  View asset (not reviewed)          
  View asset (approval in progress)          
  View asset (approved)          
  Move an asset to another library          
  Add an asset to the basket          
  Upload a new asset to a library          
  Upload a revision to an asset          
  Download asset          
  Send an asset on approval          
  Share an asset externally by sending a one-time code          
  Rename an asset          
  View rip log of asset          
  Reprocess the asset          
  Set the status of the asset          
  Delete an asset with a not reviewed status          
  Asset Libraries have separate security levels which determine what users can action within a library that they have access to.  See the Asset Library Security Matrix.            
Search Access to Global Search    
  Access to Search Activities    
  Access to Quick Search in Tasks and Activities pages    
Asset Classifications Add new asset classification          
  Edit existing asset classification          
  Delete asset classification          
Approval Classifications Add new approval classification          
  Edit existing approval classification          
  Delete approval classification          
Workflows (Activities) View details of own domain's activities    
  View details of other linked domain's activities ****    
  Edit a Workflow Task**    
  Edit Workflow Data via Completed Forms   A  
  View Gantt  
  Edit Gantt i.e. adjust the projected date and save to current plan      
  Delete a parent workflow (deletes all linked activity)          
  Restore a deleted workflow          
  Cancel any activity within own Domain        
  Cancel own activity   A  
  Pause any activity within own Domain        
  Pause own activity   A  
  Create a new workflow template          
  View any workflow template          
  Edit any workflow template          
  Deactivate any workflow template          
  Create a new workflow from a template      
  Add additional child workflows to a running activity retrospectively   A  
  Send a simple task to a user (not from template)      
  Can access associated activity through the Asset-Activities tab    
  Activitiy visible in My Activities page RACI RACI RACI RACI RACI RACI
  Activitiy visible in Activity Snapshot page AI AI AI AI AI AI
Briefs Can retrospectively edit any completed brief (without an approval verdict)      
  Can retrospectively edit a completed brief  where the user is the responsible assignee (without an approval verdict)  
Account (Domain) Admin Upgrade/downgrade account          
  View invoices/billing Reports          
  Modify account settings          
  Customise account logo          
User Management Create new user        
  Edit any user account        
  Deactivate any user account        
  View details of any user account        
  Create a new role        
  Edit any role        
  Add or remove users from any role*****        
  Change the rights of any role        
External Domain Connections View domain connections          
  Send a connection request          
  Break an active connection          
  Review a connection request          
  Modify domain visibility          
Item Browse Items      
  Add and edit Items      
  Delete Items      
Custom Forms Create a custom form          
  View all custom forms          
  Edit any custom form          
Categories View Category structure          
  Add and edit entries in the Category structure          
  Delete entries in the Category structure          
Glossaries Browse Glossaries          
  Add and edit Glossary items          
  Delete Glossary items          
Sequences View Sequences          
  Edit Sequences          
  Delete Sequences          
  View Sequences          

* There is a domain level feature to allow administrators to decide if users of their site are able to assign work during an absence to any member of the organisation, or only to users with the same role.

** Only applicable if the edit work items feature is enabled at domain level.

*** Only applicable if require common deputy roles' feature is not enabled at domain level.

**** Only applicable if activity is visible to all assignee's flag is set on the activity instance.

***** A Security Admin user cannot add or remove the Domain Admin level to/from any user.

Each asset library has its own library security.  Access is given by assigning a role(s). When a role is given access to an asset library the level of access for that role also needs to be set. There are three levels of asset library security which determine what users can do. This is shown in the table below.  

Area Action Read Only (Approved) Read Only (All) Contribute*
Asset Library View asset (not reviewed)  
  View asset (Approval in progress)  
  View asset (Approved)
  Move an asset to another library    
  Add an asset to the basket
  Upload an new asset to a library    
  Upload a revision to an asset    
  Download asset
  Send an asset on  approval  
  Share an asset externally by sending a one-time code
  Rename an asset    
  View rip log of asset    
  Reprocess the asset    
  Set Status of the asset    
  Delete an asset with a not reviewed status    

* Contribute is not applicable for a role that has a security level of user.

Have more questions? Submit a request

Comments

Powered by Zendesk