Roles are created in
SBM Composer as
part of an process app, which can comprise multiple applications. Roles can
span the applications within the process app and serve two functions:
- Roles are a named collection of privileges. The privileges secure
user actions and data access. For example, a role named User could be a
collection of privileges suitable for someone to whom items are assigned but
who has no administrative tasks. Someone with that role could be restricted
from executing some transitions and from viewing fields in certain sections.
- Roles are a means to populate selection lists for
User,
Multi-User, and
Multi-Group fields. You associate roles with these fields in
SBM Composer,
then assign users and groups to the roles in
SBM Application Administrator.
Roles are distinct from groups, which are named collections of users.
Administrators can use groups to identify a set of users based on criteria
other than job function. A group could be created for a particular project, for
example, or for a division within the company. You can assign roles to a group.
Users and groups are associated with roles for particular projects in
Application Administrator.
Note: When groups or users are copied, role assignments are copied with
them. Also, when groups or users are imported through LDAP using a template
group or user, the role assignments associated with the template are copied to
the new group or user.
Key Benefits
- Organizes privilege sets by function rather than by users.
- Provides consistency in privilege assignments based on function, such
as "manager" or "service technician."
- Enables you to populate user-type fields at design time.
Copyright © 2007–2015 Serena Software, Inc. All rights reserved.