Web System Role Based Access Control & Access Control List

Settings: Manage roles (ACL)

An Access Control List (ACL) - is a system which allows you to define different access levels (Privileges) to the objects and methods within the account between account users. This system is based on Roles, which can be assigned to every user. It is very important to have properly configured Roles to avoid access proplems for users.  You want users to have a specific set of Privileges; no more and no less.   It is recommended that the designated Account Admin create Roles and thoroughly test before assigning a 'real' user to that Role.  In short, create a Test user, a Role, assign the Test user to the Role , then login and verify that Privileges are as expected.   Adjust the Privileges for that Role as required.  The Younicycle system has more than 300 possible Privileges that can be set in combination, so testing is desirable.

This chapter describes work with roles, access configuration and role assignment to users within the Web System.

Click Settings -> Manage Roles in top menu to get to the role management page.

1) Role list

In this example, three Roles exist, one of which (Default) was created automatically when you created your Account.  The Default Role includes all the appropriate Privileges for the type of Account you have chosen.  The other two Roles in this example we created.  There is NO limit to the number of Roles you create.  Notice the column marked '+'.  If you mouseover that column, Actions will appear which allow you to navigate to additional options within the system.

-- View: Displays a Read only list of the Actionable Privileges within that Role.
-- Edit: Gives you the ability to Edit that Role
-- Assign Users: Allows you to assign users to a Role.  You should create a Role before you create additional Users.

2) Add a new role

Click the button for New Role. Define a name for the Role and a description.  Description is not mandatory, but will be helpful for any future Admin and also to jog your own memory.  What was the intent of this Role?  For what types of users?

When done, click Add Role.

3) Assign Privileges

As mentioned, Younicycle has several hundred Privileges.  As the Admin you should become familiar with these Privileges which are named and intuitive.  We suggest that you add only those Privileges which will allow the that Role to perform certain tasks., usually associated with with a common Job Description.

Click the desired Privileges and then use the > arrow to move from the left column (Available ACL Actions) to the right column (Allowed ACL Actions.  When you have reviewed your list of Allowed Actions, click Save.

After moving the Actions:

Click Save.

(Image: Moved Actions)

4. Assign users to the Role

Note that you may begin the process of Assigning Users at your intial screen (see top image) or you may use Actions from within that Role and select Assign Users (see below).

4. Assign users to the Role (more)

To assign Users, select the user and move to the right column (belwo)

Click the > to move that User to the right column and Grant that Role to the User. (below)  Click Save when done.

To Remove a User from a Role, simply move that user from the right column (Granted) to the left column or got to Users, select the specific User and edit his/her Role from within Edit User.

5) Delete role

To delete the Role, click (see top image), select the checkbox to the left of that Role, then click Delete Role. 
Hint: Make sure that Users currently assigned to that Role are rssigned to a different Role before you delete.