Difference between revisions of "Roles"

From Hornbill
Jump to navigation Jump to search
Line 1: Line 1:
 
<div style="border:1px solid #90C0FF; background:#D0E0FF; width:99%; padding:4px; margin-bottom:10px;">
 
<div style="border:1px solid #90C0FF; background:#D0E0FF; width:99%; padding:4px; margin-bottom:10px;">
__NOTOC__[[Main Page|Home]] > [[Administration]] > [[System Administration|System]] > [[Organisational Data|User and Guest Access]] > Roles
+
__NOTOC__[[Main Page|Home]] > [[Administration|Configuration]] > [[System Administration|Platform Configuration]] > [[Organisational Data|User and Guest Access]] > Roles
 
</div>
 
</div>
 
{|style="width: 100%"
 
{|style="width: 100%"
Line 12: Line 12:
 
<br>
 
<br>
 
<br>
 
<br>
In order for Users to access various parts of Hornbill they need to be given the appropriate roles. This is done using [[Administration|Hornbill Administration]].
+
In order for Users to access various parts of Hornbill they need to be given the appropriate roles. This is done via the [[Administration|Configuration]] area.
  
 
|style="width:5%"|
 
|style="width:5%"|
Line 31: Line 31:
 
<br>
 
<br>
 
===Where do I associate Roles to Users?===
 
===Where do I associate Roles to Users?===
Roles are managed in Hornbill Administration and can be associated to a User in two ways:
+
Roles are managed in the Configuration area and can be associated to a User in two ways:
* Navigate to a specific User Account and select and save roles in the "Roles" field.
+
* Navigate to a specific [[User Account]] and select and save roles in the "Roles" field.
 
* Navigate to a specific role and click on the "Assigned Users" tab. Associate more users to this role by clicking the "Add Users" button.
 
* Navigate to a specific role and click on the "Assigned Users" tab. Associate more users to this role by clicking the "Add Users" button.
 
<br>
 
<br>
Line 73: Line 73:
 
i.e.
 
i.e.
 
'''''Basic User Role''''' (Mandatory)<br>
 
'''''Basic User Role''''' (Mandatory)<br>
+ '''''Self Service User''''' - provides Service Manager functionality via the Service Portal <br>
+
+ '''''Self Service User''''' - provides Service Manager functionality via the Employee Portal <br>
+ '''''Docmanager Portal''''' - provides Document Manager functionality via the Service Portal<br>
+
+ '''''Docmanager Portal''''' - provides Document Manager functionality via the Employee Portal<br>
+ '''''Portal Chat Session User''''' - provides Live Chat functionality via the Service Portal<br>
+
+ '''''Portal Chat Session User''''' - provides Live Chat functionality via the Employee Portal<br>
 
and so on.<br>
 
and so on.<br>
  
Generally speaking, where an application is capable of delivering content via the Hornbill Service Portal, there will be a role controlling whether the content will be available to a Basic User.
+
Generally speaking, where an application is capable of delivering content via the Employee Portal, there will be a role controlling whether the content will be available to a Basic User.
 
<br>
 
<br>
 
'''NOTE:''' A Basic User account cannot posses a role which has a privilege level higher than "basic". Basic Users cannot be given assignment roles.
 
'''NOTE:''' A Basic User account cannot posses a role which has a privilege level higher than "basic". Basic Users cannot be given assignment roles.
Line 88: Line 88:
  
 
== Custom Roles ==
 
== Custom Roles ==
In the unlikely event that the range of System Roles supplied with Hornbill do not cater for your specific needs, it is possible to create your own Security and Assignment Roles.
+
In the unlikely event that the range of roles supplied with Hornbill do not cater for your specific needs, it is possible to create your own Security and Assignment roles.
 
<br>
 
<br>
 
Creating a new Assignment role is very simple and straightforward.
 
Creating a new Assignment role is very simple and straightforward.
 
<br>
 
<br>
However, creating a custom security role is quite an advanced task as it potentially requires becoming familiar with Hornbill's API documentation found at https://api.hornbill.com/docs/ in order to specify the correct system rights and database table access against the role.
+
However, creating a custom security role is quite an advanced task as it requires familiarity with Hornbill's API documentation found at https://api.hornbill.com/docs/ in order to specify the correct system and application rights against the role.
  
 
<div class="mw-collapsible mw-collapsed" data-collapsetext="Show Less" data-expandtext="Read More" style="width:1000px">
 
<div class="mw-collapsible mw-collapsed" data-collapsetext="Show Less" data-expandtext="Read More" style="width:1000px">
 
=== Creating a Custom Role ===
 
=== Creating a Custom Role ===
 
<div class="mw-collapsible-content">
 
<div class="mw-collapsible-content">
:# Launch [[Administration | Hornbill Administration]]
+
:# Launch [[Administration | Configuration]]
:# Select which application you are interested in the selection box at the top left
+
:# Select where the new role will be created (either Platform Configuration or a specific Hornbill App) from the drop down menu.
:# Select ''Roles'' then Roles
+
:# Click "Roles" under the section "User & Guest Access"
 
:# Select '+ Create New Role'
 
:# Select '+ Create New Role'
:# Specify the type of the new role
 
 
:# Complete Role details...  
 
:# Complete Role details...  
 
:::* Role ID - Name of new role. It must be unique.
 
:::* Role ID - Name of new role. It must be unique.
 
:::* Privilege Level - For most roles this will be User
 
:::* Privilege Level - For most roles this will be User
:::* Applications - Can apply to one or more Apps that will use this role
+
:::* Type - Security or Assignment
:::* Groups = Please leave blank
+
:::* Description - What the role has been created for
:::* Shared Mailboxes = Name of required mailbox (optional - a mailbox is only required if the role is intended to manage access to a Hornbill Shared Mailbox).
 
 
:: 6. Click "Create Role" to Save
 
:: 6. Click "Create Role" to Save
 +
: Once created, if the role was created in the context of Platform Configuration it's possible to add or update the application context or tie the role to a Hornbill Shared Mailbox. If the role was created in the context of a specific app, the application context cannot be amended.
 
<br>
 
<br>
 
: Here is an example of a new role definition:
 
: Here is an example of a new role definition:
Line 119: Line 118:
 
=== Modifying a Custom Role ===
 
=== Modifying a Custom Role ===
 
<div class="mw-collapsible-content">
 
<div class="mw-collapsible-content">
:# Launch[[Administration| Hornbill Administration]]
+
:# Launch[[Administration| Configuration]]
:# Select which application you are interested in the selection box at the top left
+
:# Select Platform Configuration or the application you are interested in from the Configuration drop down at the top left
:# Select ''Roles'' then Roles
+
:# Click "Roles" under the section "User & Guest Access"
 
:# Select the role that needs changing
 
:# Select the role that needs changing
 
:# Edit the details and then 'Save Changes'
 
:# Edit the details and then 'Save Changes'
Line 132: Line 131:
 
=== Deleting a Custom Role ===
 
=== Deleting a Custom Role ===
 
<div class="mw-collapsible-content">
 
<div class="mw-collapsible-content">
:# Launch[[Administration | Hornbill Administration]]
+
:# Launch[[Administration | Configuration]]
:# Select which application you are interested in the selection box at the top left
+
:# Select Platform Configuration or the application you are interested in from the Configuration drop down at the top left
:# Select ''Roles'' then Roles
+
:# Click "Roles" under the section "User & Guest Access"
 
:# Mark the check box for role that needs deleting
 
:# Mark the check box for role that needs deleting
:# Using the drop-down menu next to the '+ Create New Role' button, click 'delete selected'and confirm.
+
:# Click the delete button located to the top right of the roles list.
 
<br>
 
<br>
 
</div>
 
</div>
 
</div>
 
</div>

Revision as of 11:26, 29 April 2022

Home > Configuration > Platform Configuration > User and Guest Access > Roles

Introduction

A Role is a collection of rights that allow a user to perform particular actions in Hornbill.

Hornbill comes equipped with a range of roles ready to associate to your Users. With each App that's installed, the number of roles available to associate to your users increases as each App is delivered with a set of default roles specifically designed to govern access to that application.

In order for Users to access various parts of Hornbill they need to be given the appropriate roles. This is done via the Configuration area.

Related Articles

Associating Roles to Users

Who can associate Security Roles to Users?

Hornbill is designed to only allow the association of roles if the User who is performing the assignment of a particular role already possess the same system/application rights among the roles that they themselves possess. The "Admin" user account (which possesses the Super User Role) is exempt from this rule and has the ability to assign any role to any other user, therefore it is advised that you use this account (or another Super User Account) to allocate roles to the rest of the Users.

Where do I associate Roles to Users?

Roles are managed in the Configuration area and can be associated to a User in two ways:

  • Navigate to a specific User Account and select and save roles in the "Roles" field.
  • Navigate to a specific role and click on the "Assigned Users" tab. Associate more users to this role by clicking the "Add Users" button.


What Roles should I Associate?

Role Types: Security Vs Assignment Roles

Two types of Role exist within Hornbill, Security Roles and Assignment Roles:

  • Security Roles - Are used to control access to the different Hornbill Applications and also to the different areas within each application. Security roles posses a "Privilege Level" which affects whether they can be given to a basic user or full user.
  • Assignment Roles - As the name suggests, are primarily there to provide restrictions on the assignment of Activities. For example, when configuring a Human Task node within a Business process, it is possible to assign that task to a Role. This is especially useful if you wish to restrict the assignment of an activity to a number of Users within a particular Group (but not all users) or if you want to expose this activity to a selection of Users across multiple Groups.

It is also possible to share certain items based on an assignment Role. One example is Dashboards.
Assignment Roles can only be associated to "Application Users"

When viewing the list of roles, the type can be quickly identified by the symbol next to the role name. Hovering your cursor over the symbol will confirm this by way of a tool-tip.

Getting Started with Application Users

All application Users must have the Collaboration Role associated to their User Account. In addition to this, they will have a range of other roles depending on which applications they will need to access and the duties they will be carrying out within those applications.

Getting Started with Basic Users

All Basic Users must have the Basic User Role associated to their User Accounts.

In addition to this, they will have a range of other roles depending on what content they will be required to consume in the Hornbill Service Portal:

i.e. Basic User Role (Mandatory)
+ Self Service User - provides Service Manager functionality via the Employee Portal
+ Docmanager Portal - provides Document Manager functionality via the Employee Portal
+ Portal Chat Session User - provides Live Chat functionality via the Employee Portal
and so on.

Generally speaking, where an application is capable of delivering content via the Employee Portal, there will be a role controlling whether the content will be available to a Basic User.
NOTE: A Basic User account cannot posses a role which has a privilege level higher than "basic". Basic Users cannot be given assignment roles.



Custom Roles

In the unlikely event that the range of roles supplied with Hornbill do not cater for your specific needs, it is possible to create your own Security and Assignment roles.
Creating a new Assignment role is very simple and straightforward.
However, creating a custom security role is quite an advanced task as it requires familiarity with Hornbill's API documentation found at https://api.hornbill.com/docs/ in order to specify the correct system and application rights against the role.

Creating a Custom Role

  1. Launch Configuration
  2. Select where the new role will be created (either Platform Configuration or a specific Hornbill App) from the drop down menu.
  3. Click "Roles" under the section "User & Guest Access"
  4. Select '+ Create New Role'
  5. Complete Role details...
  • Role ID - Name of new role. It must be unique.
  • Privilege Level - For most roles this will be User
  • Type - Security or Assignment
  • Description - What the role has been created for
6. Click "Create Role" to Save
Once created, if the role was created in the context of Platform Configuration it's possible to add or update the application context or tie the role to a Hornbill Shared Mailbox. If the role was created in the context of a specific app, the application context cannot be amended.


Here is an example of a new role definition:
new role

Modifying a Custom Role

  1. Launch Configuration
  2. Select Platform Configuration or the application you are interested in from the Configuration drop down at the top left
  3. Click "Roles" under the section "User & Guest Access"
  4. Select the role that needs changing
  5. Edit the details and then 'Save Changes'

information - You can't change the Role ID once a role has been set up

Deleting a Custom Role

  1. Launch Configuration
  2. Select Platform Configuration or the application you are interested in from the Configuration drop down at the top left
  3. Click "Roles" under the section "User & Guest Access"
  4. Mark the check box for role that needs deleting
  5. Click the delete button located to the top right of the roles list.


Retrieved from "https://wiki.hornbill.com/index.php?title=Roles&oldid=29122"