How do I set up Scoped Application roles?

darengneiting · ‎04-22-2016

I have created a scoped application to track details of our morning status call. We have 4 facilitators that would open a status call record and have ability to edit any field (except the ticket number). Then there are about 40 contributors that should be able to access the status call form and provide details.

I created an admin role, editor role, and user role. I also created groups that match and added members to these groups.

Do I need to assign the roles to something else to make this work? Do I need to specify exactly what each role will have ability to edit?

There are some default Access Controls; read, create, write, delete - Do I need to assign these?

I'm not a developer by trade, but a Problem & Change Manager attempting to create this and let our developers work on other more critical items.

Any help is appreciated!

Mike Allen · ‎04-22-2016

Delete ACL you want to hold for your administrators of the system, in my opinion.

Read should be open to everyone, so no role, or all your roles, either way.

Create should be open to editor role and admin role in your module.

Write should be all your roles.

darengneiting · ‎04-22-2016

I appreciate your response! So when I click on any of the 3 roles, I see some tabs: Contains Roles, Applications with Role, Modules with Role, Users (which shows the users assigned to the group I created), Elements Security List and several other tabs. Do I need to make updates to any of these to enable the appropriate Access Control? I really appreciate your help!

Mike Allen · ‎04-22-2016

No, you have to elevate to Security Admin and go to this page:

Here, I have said only admins can delete a record.

The requires role place is where you want to add your roles.

darengneiting · ‎04-22-2016

So here is a screenshot of my Roles and Access Control. I noticed you did not have Roles listed and I wonder if I did not need them as well? When I look at the 'Requires Role' area, I cannot find a place to edit or add, and as you can see from my screenshot, I have only the admin role listed under the write Access Control, and cannot seem to change it: