Access Role form
Completing the Role tab

Use the Role tab to view Access of Role to Object (Rule-Access-Role-Obj) rules for an access role and to enable privilege inheritance.

• Clone from – Specify the name of an access role from which to clone a new role.
• Inherit privileges within class hierarchy – Select this check box to simplify the process of granting operator access to a feature protected by privileges. At run time, the system searches the class hierarchy for Rule-Access-Role-Obj instances, for the current access role.

  In the grid, each row represents a Rule-Access-Role-Obj instance that is associated with the role that you opened.

• In the Access Class column, click an access class to display or edit the Rule-Access-Role-Obj instance.
• In the Privileges column, the system lists the privileges associated with the Rule-Access-Role-Obj.
• For each access class, use the other columns to review the privilege settings for these operations: read instances, write instances, delete instances, read rules, write rules, delete rules, execute reports, and execute activities.
• The values in these columns represent the access permissions for each operation:
  • 0 or blank – Use to prohibit access to the operation.
  • 1 – Use for test systems or low-security systems.
  • 5 – Use for production or high-security systems.

Each value is compared with the production level of the deployed system. When the Rule-Access-Role-Obj setting is equal to or greater than the system production level, access is permitted.

Open topic with navigation