About Privileges

User privileges determine which information and features are available to users, and the product-access level assigned to users and groups determines which privileges they can be assigned. The tables in the following sections indicate which privileges are available for each product-access level.

For details on product-access levels, refer to Product-Access Types.

For details on specific privileges and their related product-access levels, refer to:

Privilege Inheritance Rules for Roles and Groups

Roles and groups offer a convenient way to grant privileges to multiple users at one time.

Privileges can also be granted to users in addition to those granted by their role or group membership, if needed. A user's total privilege set include all individual privileges plus all the privileges given to each role and group to which the user is assigned.

In general, all application privileges should be assigned through roles created in SBM Composer. System privileges for users and administrative privileges should be granted to groups, and users should be assigned to those groups.

Viewing Privilege Inheritance

To ease the process of granting privileges to users, privileges can be inherited through roles, groups, and projects. Folder privileges can also be inherited through the folder hierarchy established in SBM System Administrator.

Privileges that are inherited from a role, group, project, or folder are disabled. To determine how a disabled privilege was granted, hover over the check box to the right of the privilege name to view text indicating the role, group, parent item, or folder from which the privilege is inherited.