The Role Access page allows users to review the configuration of features and elements in relation to a user and/or role. Administrators frequently use the page to determine the features and elements included or excluded from a role. The Role Access page can also identify the method used to include or exclude the feature or element (such as assigned/unassigned feature or grant/deny access exception).
These capabilities make the Role Access page a valuable tool for administrators troubleshooting access management issues. The Role Access page is frequently used in combination with the Element Mapping page to address access management errors reported by users. Use the Tools menu to quickly navigate to the Element Mapping page.
Please note the Role Access page is not restricted by licensing. Content may display that is not available to your organization.
In this article:
Using Search
Search Fields
The following fields are available as search filters on the Role Access page.
- User – Select one option to only show results for that user.
- Role – Select one option to show only elements for that role.
- Module - Select one or more options to review elements for the selected module(s). Reminder: The Role Access page does not restrict selection to licensed modules.
- Feature - The Feature field is dependent upon the Modules selected. Select one or more options to review elements for the selected features.
- Element Type - Select one or more options to review elements of the selected types.
- Element - Enter the name of a single element.
- Element ID - Enter the unique ID of an element.
- Access – Select one option to show only elements of the selected access type.
Search Using Role Access
To search on the Role Access page:
- From the Main menu, search for and select Role Access. The Role Access page opens.
- Select or enter search criteria. Refer to the previous section for information on available search fields.
- Click Search to retrieve results.
Understanding Search Results
Review the Access field for each row to determine whether the element is accessible.
- Assigned – The listed feature is included in the role. The element is included in this feature and should be accessible.
- Unassigned – The listed feature is not included in the role and its related elements should not be accessible. Important: Elements can be included in multiple features. If the element is not accessible through one feature, it may still be accessible as part of a different assigned feature.
- Grant – Access to the element has been granted using an access exception.
- Deny – Access to the element has been denied using an access exception.
Limitations when Troubleshooting
The Role Access page does not reflect when access to an element is blocked by action restriction, field restriction, or access privilege. As a result, a user may encounter an access management error even though the Role Access page indicates the element is Assigned.
To continue troubleshooting:
- Review the role. Check for the existence of action restrictions, field restrictions, or access privileges assigned to the role.
- Review the user. Access privileges can be assigned to a role or individual user. Check for access privileges assigned directly to the user.
Multiple Roles Per User
Momentus Technologies does not recommend assigning multiple roles to a single user. However, the software supports this configuration for specialized use-cases.
Troubleshooting access issues for users with multiple roles can be challenging. A good option is to utilize the Role Access page. This approach can quickly highlight the variances impacting user access.
- Search by the User (and any other limiting criteria) but leave the Role field blank.
- Sort or group the results so that the elements for each role are listed together.
- Review the Access column for each element.
Comments
0 comments
Please sign in to leave a comment.