Comparing Role Privileges and User/Group Privileges

Roles let a designer (working in SBM Composer) work with privileges abstractly—that is, in relation to a function (such as QA Manager) rather than actual people. In contrast, an administrator (working in SBM Application Administrator) assigns privileges to actual users and groups of users. The administrator can assign privileges directly to users or groups or by associating a user or group with one or more of the roles created in SBM Composer.

The privileges available to the designer when creating or editing roles are all available to the administrator as user and group privileges, and the names are all close to identical (for example, the "View Fields in the 'User' Section" role privilege maps to the "View User Fields" user/group privilege). However, not all privileges available in SBM Application Administrator are available as role privileges. For example, administrative privileges for modifying a user profile and various system privileges are user/group privileges and are available only in Application Administrator.

Generally, role privileges alone are not enough for complex process app implementation, and you will likely want to combine roles with additional user/group privileges applied in Application Administrator.

Role privileges for primary tables are based on projects. The privileges can be categorized as follows:

Role privileges for auxiliary tables are not based on projects. The privileges can be categorized as follows:

Related Topics

About Roles