Websydian v6.1 online documentationOnline documentation - WebsydianExpress v3.5

Maintain Roles

Overview

This is the reference documentation for the administration menu item: User Management→Roles

This function is used by the administrator to maintain the roles defined for the current site. All roles defined for the current site - the site you are logged into - are shown.

Roles are used to determine what each user is allowed to access. This is done by assigning roles to users and site elements. If a user and a site element has a common role assigned, the user is authorized for the site element.

Grid Page

The grid shows information about the roles defined in the current site.

Sort order is decided by the user. You can choose between "Name" and "Priority" in the drop down list for "Sort by".

You can position on a "Name"/"Priority" by entering the start of the name/priority in the "Start with" field and press "Find".

You can search on "Name" or "Priority" by entering a search text in the 'Search for' field and press Find.

Update

The page shows all the information about the role, and the information can be updated.

Basic Information

The role name can be changed. This is relevant if e.g. a department name is used as the role name.

The description can be changed. The description is shown in the Maintain Roles grid.

For each role a comment can be entered. This is used to describe the role in details.

A folder list must be defined and it will be used for this role. The folder list is overridden if a folder list is assigned specifically for the user.

Advanced Information

A priority can be defined for the role. The higher the priority the higher ranking is the role. I.e. if a user is assigned two roles then the role with the higher priority will override the lower.

If the field "Available only in Intranet" is checked it has the effect that the role can only be used if the user has signed on from the Intranet, not from the Internet. This is relevant for Administrator who you usually for security reasons require that they are logged in from the Intranet to ensure that intruders cannot log in as administrators from the Internet.

For each role, you can override the timeout that will be specified for the session. The timeout is specified in minutes. You can't specify a fraction of a minute. If you specify 0, the session timeout from the site settings will be used.

In some cases we have found that a WebsydianExpress application is used by two very different types of users:

1. External customers

2. Employees

In these cases, the timeout that is appropriate for external customers will be highly annoying for the employees.

In most cases you do not want the sessions of your employees to timeout. You would normally already distinguish between customers and employees using roles - by specifying a special (long) timeout for the Employee role, you ensure that your employees can work with out having to log in several times during the workday.

 

If any read-only custom fields has been specified as extensions for the role entity, these fields will be shown as output fields in this section.

Custom Fields

Any editable custom fields specified for the role entity will be shown as input fields in this section.

Delete

Deletion of a role is only possible if it is not assigned to any users and site elements.

Insert

Basic Information

The name of the role and the folder list must be specified, in addition to this, a description and a comment can be specified for the role.

Advanced Information

A priority can be defined for the role. The higher the priority the higher ranking is the role. I.e. if a user is assigned two roles then the role with the higher priority will override the lower.

If the field "Available only in Intranet" is checked it has the effect that the role can only be used if the user has signed on from the Intranet, not from the Internet. This is relevant for Administrator who you usually for security reasons require that they are logged in from the Intranet to ensure that intruders cannot log in as administrators from the Internet.

For each role, you can override the timeout that will be specified for the session. The timeout is specified in minutes. You can't specify a fraction of a minute. If you specify 0, the session timeout from the site settings will be used.

In some cases we have found that a WebsydianExpress application is used by two very different types of users:

1. External customers

2. Employees

In these cases, the timeout that is appropriate for external customers will be highly annoying for the employees.

In most cases you do not want the sessions of your employees to timeout. You would normally already distinguish between customers and employees using roles - by specifying a special (long) timeout for the Employee role, you ensure that your employees can work with out having to log in several times during the workday.

 

Custom Fields

Any editable custom fields specified for the role entity will be shown as input fields in this section.

Users

Pressing the Users button in the grid leads to the user maintenance grid with the "Users for role" selector pre-filled with the role.

Special Considerations

It is important to consider priority of the roles if a user has more than one role assigned. Especially the assignment of folder lists to a session can be very dependent on the priority specified for the roles - unless only one role is assigned to the session or all roles assigned to a session has the same folder list.

Fields

The following fields are used on the pages:

Name

The identification of a role. The name identifies a role uniquely for a specific site. E.g.: the function for the person that has been assigned this role (administrator, customer, marketing dept).

Description

A short text that describes the role.

Comment

A long text that describes the role.

Priority

The priority for the role is used to decide the priority of two or more roles. The higher the priority, the more "important" the role.

Basically, a user will get access to all site elements that has one or more common roles with the user. However, in some cases a choice between several site elements that are all authorized must be made (e.g. if several site elements can be used to populate a frame at the load time - and the user is authorized for more than one of these site elements). In these cases, the role is used to determine which site element to use.

Intranet Only

If this field is checked the role can only be used from the Intranet. This is relevant for Administrator who you usually for security reasons require that they are logged in from the Intranet to ensure that intruders cannot log in as administrators from the Internet.

Folder list

Defines how the templates will be found for this specific role.

Timeout

If a non-zero value is used, this field determines the timeout for sessions where the role is assigned.

Related Information

Users and Roles
Background information about users and the role based authorization system of WebsydianExpress.
Folders and Folder Lists
Background information about Folders and Folder Lists.
Custom Fields
Introduction to Custom Fields.