Dashboard Roles and Permissions

Last updated
Save as PDF
Share
1. Share
2. Share
3. Tweet
4. Share

Roles
Actions
Functions
Access
1. Control Access

NOTE:
This document combines the Dashboard (DASH) roles and permissions with Security (SEC) roles and permissions. Or, see the master list across all apps here.

Roles

Dashboard

Security

♦ New in 4.4 ♦

Actions

Read: Allows a user to view components in Dashboard

Update: Allows a user to edit components in Dashboard

Create: Allows a user to create components in Dashboard

Delete: Allows a user to delete components in Dashboard

Functions

Dashboard

DASH_AUDIT_COMPARE: Controls access to the Audit Comparison tool
DASH_Reports: Controls access to generating Reports
New in 4.5 DASH_TRANSCRIPT_IMPORTER: Controls access to the Transcript Importer tool

Security

SEC_Advisees: Determines if the user is allowed to add advisees to another user
SEC_Change_Password: Controls access to change password
SEC_Domains: Provides rights to add domains to users and groups
SEC_Group_Members: Determines whether the user has the rights to add users to institutional groups
SEC_Groups: Controls the rights of modifying the privileges of institution's groups
SEC_Roles: Provides the rights to add and modify internal user roles and specifying what roles they have access to
SEC_Users: Controls access to changing details of users such as username and email

New App Functions in 4.4

CS_ADMIN_FUNCTIONAL: Allows the user to access all admin functions except the logging area
CS_ADMIN_TECHNICAL: Allows the user to access only the logging area–no admin functions
CS_ROLE_ANONYMOUS: Allows the user access to the "Access Denied" page. A user with CS_ROLE_ANONYMOUS with READ set to FULL can access the login screen without the "Access Denied" error.
CS_ROLE_STAFF*: Allows the user to access the staff menu within the application
CS_ROLE_STUDENT*: Allows the user to access the student menu within the application
CS_ROLE_USER*: Allows the user to gain entry into the application. Every user MUST have this role and must have CREATE set to FULL

NOTE:
The following functions are considered flags that must be set in order for other permissions to work:

CS_ROLE_STAFF: Must be set to FULL for everything if the role pertains to Staff of any sort
CS_ROLE_STUDENT: Must be set to FULL for everything if the role pertains to a Student of any sort
CS_ROLE_USER: Must have FULL permission across the board for all roles you create

Access

Three types of access in Dashboard include Full, Restricted, and None:

FULL: User has complete access
RESTRICTED: User has access that is restricted

"Restricted" access is the same as "Full" access across all uAchieve web apps except the uAchieve Planner.

NONE: User has no permissions

Control Access

Permission must be set to use each separate function of the Dashboard.

A simple formula to remember for setting permissions is: Action + Function + Access Type = Permission Setting

For example:

Read + SEC_ADVISEES + FULL = Users able to add advisees to other users
Read + SEC_ADVISEES + RESTRICTED = Users can add advisees to select users
Read + SEC_ADVISEES + NONE = Users cannot add advisees to any other users

Need More?
For additional information on Dashboard and Security settings, see Dashboard Security Definitions.