What are Roles and Secured Actions?
A role determines the functionality a user can access in the Web Client. Roles use secured actions to control access to user interface elements such as pages, menus, menu items, toolbars, and options. When you control access to individual user interface elements, you can control access to actions such as editing, deleting, or printing. Current secured elements are all user interface elements giving access to accounts, contacts, and opportunities.
You secure a user interface element by assigning a secured action to the Applied Security property in the Application Architect. Once a secured action is applied to a user interface element, only users who are assigned a role that includes the secured action can view and use the element. For example, Entities or Account or Edit is the secured action assigned to the Applied Security property for the Account detail view. When the option loads at runtime, the display value changes based on the user has permission to perform the action.
action on theA user interface element in the Web Client that is secured and restricts access from all users until a role is assigned which gives access to the user. To secure elements in the Web Client using roles, you must add secured actions to elements, add the secured action to a role, and assign users to the role. The following section provides more information:
Elements are secured in the Application Architect by assigning a secured action, or applying security. The value of the Applied Security property is the secured action name. To secure an element in the UI and allow user access to that element you must:
- Determine the secured action to use to secure the element. If necessary, you can create a new secured action in the Web Client.
- Add a secured action to the Applied Security property for the element in the Application Architect. See the 'Understanding Secured Actions' topic in the Application Architect Help for more information.
- Add the secured action for that element to a role in the Web Client.
- Assign users to the role.
Default roles
By default, users created in the Web Client are assigned the Standard User role. You can access all non-administrative functions in the Web Client. If you remove a user from this role, the user is not able to access any items that are secured, unless you assign a new role.
The default roles are:
- Administrator: You can add, edit, and delete permissions to administration functions such as users, teams, departments, pick lists, products, packages, Check for Duplicates, Process Duplicates, and Check for Duplicates History. Also gives edit permission for quick forms in the Web Form Designer.
- Data Quality Manager: You can add, edit, and delete permissions to Check for Duplicates, Process Duplicates, and Check for Duplicates History.
- Standard User: You can view, add, edit, and delete permissions to Web Client non-administrative entities such as accounts, contacts, opportunities, sales orders, leads, contracts, defects, and tickets. Also allows view permissions for products and packages. If you have existing users or create new users in the Administrator, you must assign users to the Standard User Role.
- Order and Quote Processor: You can add and view permissions to contacts and accounts and add, edit, and delete permissions to sales orders.
- Integration:
You
can add, edit, delete, and view permissions for integrations.
Note: This role is not recommended for standard users. The ability to view Sync History is part of the Standard User role. If users require access to other Integrations actions, for example the ability to authorize an integration, Infor CRM SLX recommends adding those actions to the Standard User role or creating a new role that includes those actions.
- Back Office: You can add, edit, delete, and view permissions for back office integrations. See What is Back Office Integration?
- Developer - You can access to the Developer Tools menu and menu items
- Security in the Network Client is defined using feature security, function security, and administrative roles. Web security combines all Network elements into one security model - a role. You cannot use the Network security model for a user who is logged into the Web Client or the Web security model for a user who is logged into the Network Client.
- The admin login can access all user interface elements, regardless of secured actions.
Using Roles and Secured Actions you can:
- Create a Role. See Creating a role
- Create a Secured Action. See Creating a Secured Action
- Assign a Role to Users. See Working with the Users Tab
- Edit or Delete a Secured Action. See Editing or Deleting a Secured Action
- Assign Users to the Standard User Role. See Assigning Users to the Standard User Role