|
The User will be assigned following
permissions: |
|
Sr. |
Description |
Remarks |
|
Can
Create Application Role |
This
permission gives you the right to create an application
role
|
|
Can
Create Shared Role |
This
permission gives you the right to create a shared role
|
|
Can
Delete Application Role |
This
permission gives you the right to delete application role
|
|
Can
Delete Shared Role |
This
permission gives you the right to delete shared role
|
|
Can
Grant Revoke Application Roles To Groups |
This
permission gives you the right to grant or revoke application roles
to groups. |
|
Can
Grant Revoke Application Roles To Users |
This
permission gives you the right to grant or revoke application roles
to users. |
|
Can
Grant Revoke Shared Roles To Groups |
This
permission gives you the right to grant or revoke shared roles to
groups
|
|
Can
Grant Revoke Shared Roles To Users |
This
permission gives you the right to grant or revoke shared roles to
users
|
|
Can
Read Application Role |
This
permission gives you the right to read an application role. |
|
Can
Read Shared Role |
This
permission gives you the right to read a shared role. |
|
Can
Update Application Role |
This
permission gives you the right to update an application
role
|
|
Can
Update Shared Role |
This
permission gives you the right to update a shared role
|
|
|
|
|
When the user logs in using the assigned mode of
authentication, the following screen will be displayed: |
|
The user will be able to view a list of all the applications
(A). |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can create a new role under an application (for which he
has "Membership Manager" role), since the user has the Can
Create Application Role privilege. |
|
|
|
|
Screen Display |
|
|
|
|
|
|
|
The new role will be listed under the
Application>Roles option. The user can view the
role details by clicking on the role name as shown below: |
|
|
|
|
Screen Display |
|
|
|
|
|
|
|
Since the user has the Can Read Application
Role and Can Update Application Role
privilege the user can view and update role details by clicking on
Application>Role> Rolename. |
|
|
Since the user has also been granted the
Can Grant Revoke Application
Roles To Users privilege the user can edit the granted
users option. |
|
|
Additionally the user can grant new roles to user using the
Users> Username>Edit Roles option. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can also grant the new role to the groups,
since the user
has the Can Grant Revoke
Application Roles To Groups privilege. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The new role will be listed under the application, the user can
select and grant role. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can delete the application role since he
has the Can Delete Application Role
privilege. |
|
Additionally the Restricted User Administrator has access to
manage the Shared Roles. |
|
The Can
Create Shared Role privilege allows the user to create a
new Shared Role. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The new role will be listed under the
Shared Roles option. The user can view the role
details by clicking on the role name as shown below: |
|
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user has the privilege to read shared roles
because of the Can Read
Shared Role privilege and update information because of
the Can Update Shared Role privilege the role
details will be displayed in an editable mode. |
|
|
Since the user has also been granted the
Can Grant Revoke Shared
Roles To Users privilege the user can edit the granted
users option. |
|
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user will be prompted to select the new
members for the selected role. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can grant the shared role to the groups,
since he has the Can Grant
Revoke Shared Roles To Groups privilege. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can assign the shared role to the group. |
|
|
|
Screen Display |
|
|
|
|
|
|
|
The user can delete the shared role since he has the
Can Delete Shared Role privilege. |
|
The Restricted User administrator also has the
privilege to view the system roles in read only mode because of the
Can Read System Role privilege. |
|
|
|
|
|
|