User Permissions/Roles Explained
All users have access to see all catalog items and preview them, but they do not have complete access to edit every item within the catalog. This type of access is determined by roles assigned to each user's profile. The roles can be viewed within the Role Manager. These have been set up during implementation to access what their label indicates. These are assigned to User Profiles within the User Manager to provide access to specific areas.
All users within the system are assigned permissions to grant them a role in the catalog, such as Editor, Reviewer, Approver or Administrator, and to assign them access to specific sections or items within the catalog. The roles determine what they can access to change/edit/review/approve.
Each profile requires one workflow role to enable their ability to log into the system and as many access roles as needed for the section/items they need access to. The workflow role assigned to them corresponds with the level of the workflow state they will have access to. The workflow roles automatically inherit access to the workflow states below the assigned state. Below are descriptions for the default workflow assigned to a catalog.
Please note, if you desire to create a user profile with "Read Only" access to the catalog, assign the user profile the "Workflow Draft" role only.
Workflow roles are designed to assign each user with their operating level within the catalog:
- Workflow Draft (EDITOR) – for all general editors, this gives them the ability to edit and promote items for Review. This is the first workflow state and only grants the user access to the Draft workflow state.
- Workflow Review (REVIEWER) – allows the user to edit items and accept specific items to review them and promote them to be approved. This is usually the second tier of the workflow, Pending Review, and will automatically inherit the Draft tier to grant access for editing.
- Workflow Final Review (APPROVER) – this role enables the user to edit, review and approve items in workflow that they have assigned access to. This is the final tier, Pending Final Approval, and automatically inherits access to the Draft tier and Review tier. This workflow also allows the user to approve items within this workflow state.
Access roles are assigned to grant a user access to specific items/sections within the catalog. These are typically divided into three major parts:
- Access Narrative – to access non-academic/content section parts of the catalog.
- Access Courses – accessing each subject code folder and courses within
- Access Programs – accessing each department or program listed individually
These roles can be assigned to general users depending on the access they will need to the catalog for editing, reviewing or approving. Each access role assigned to a profile, grants the user the ability to Lock/Edit the item within the catalog for editing, reviewing and/or approving.
These roles rollover with each catalog created but they are not automatically created for any new items added to the catalog post implementation. When a new item is added to the catalog, if individual access is needed for the new item, a role should be created and assigned for it, see Create a New Role.
Administrator role gives complete access to all areas and workflows- these are the "Super Users" of the system. Access is granted to
- All Workflow Levels (Editor, Reviewer, Approver)
- All Items/Sections (Narrative, Courses and Programs)
- In addition, this role is the ONLY role that can delete an item
When a user is made an administrator, the only role that is required for the user profile is the institution\admin role. Adding other workflow roles to the same profile can interfere with the admin role's access.
Curriculum and Syllabus Management profiles are similar to the catalog. Each user receives a workflow role and this role is the workflow state that they are approving proposals at. The access roles assigned to user profiles for the SM and CM systems, are accessing the sorting folders that specific proposals are within during the workflow process. These are commonly labeled the department, program or course subject code that the proposals are associated with.
Access to both the User Manager and the Role Manager is available from the Launchpad: