User Roles are a key feature of SmartSimple: they are defined in the system by System Administrators to categorize users and to provide the basis for setting Role Based Security permissions. The majority of your configuration needs will be using role-based security settings.
The Key Control Element - Roles
Roles have the ability to control the following features within your SmartSimple system:
- The Administration Interface menu - the menu items displayed in the administrative interface are controlled by the user role. Some users will see different menu items than other users, depending on their allocated role.
- Portal Interface - you can create a specific portal view for people in a specific role, overriding the display of the administrative interface.
- Role Based Custom Fields - you can gather different information for different roles through role-specific custom fields.
- Manager Permissions - manager permissions in all applications and key features are associated with specific roles. These Manager permissions will give them higher levels of access and functionality to that feature than other user roles.
- Role Permissions - permission a role to be able to set other roles. For example, a sales role may be able to change a Suspect role to a Prospect role, but not a Customer or Employee role.
- Associations - When you use the Associations feature to associate a contact with an organization to which they are not a contact, you use a role to show the relationship between the organization and the person.
- Within Universal Tracking Application™s, roles are used to define a context-specific role for a person - for example, a customer may be playing the role of Project Leader, but only for a specific project. Even more commonly, a Staff Role might have administrative permissions to a specific Universal Tracking Application™ only. See UTA role for more information about roles that are permissioned for UTA-only.
- Workflows Overview - you are able to reference the role in a collaborative workflow step; for instance, you can specify that everyone with the Executive Role would need to approve a document before the system can forward its distribution.
Notes on Roles
Prior to adding many users to SmartSimple, it is important to define roles:
- You can define any number of roles.
- You can associate a single user with any number of roles.
- It is recommended for security reasons that only a System Administrator can define roles.
- Once a role is created, the administrator associates users with those roles.
Always make sure that the role is defined prior to Importing Users or adding users via Auto Loader. Both methods provide features that will prompt you to select one or more roles for the users that you are uploading.
The Everyone Role
A single, important, built-in role is the Everyone role. Every contact will be a member of the Everyone role regardless of the other roles that are created and assigned to them. You are able to set a menu for the Everyone role, but unlike the other roles, you cannot create a portal for everyone, or provide access to reports to the Everyone role.
- Leaving permissions blank anywhere (excluding the Security Matrix will presume View and Edit access for everyone, provided there is no Status Lock in place).
- If there are Status Locks in place, the default for any user would be View access, unless they have Override Lock enabled (e.g. the System Administrator).
Configuration - Essentials
To access the list of roles available in your copy of SmartSimple, follow these steps:
1. Click on the 9-square menu icon on the top right of your page.
2. Under the heading Configuration, select Roles and Security.
4. Click on the hyperlink for User Roles.
5. A list of roles available to the system will be displayed; if you want to edit a role, click the pencil icon next to the name of the role. To create a new role, click the New button (+ icon).
Creating a Role
There are only two fields that need to be defined in order to create a role: the name of the role and a narrative description.
However, it is best practice to fill out as many of the fields as possible, with as much explanatory detail as possible. Role settings are described below:
|Role Name||The unique name of this user role.|
|Caption||The caption of this user role; this is the name of the role as it appears throughout the system. If you prefer to change the name of a role, changing the caption will accommodate this.|
|Description||The narrative description of the role.|
|Role Formula||The role formula sets a calculation that is performed whenever a contact record possessing this role is saved. See Role Formula for more information and instructions.|
|Two Factor Authentication||Enable two factor authentication for this role if required.|
|Enable Menu Icon||This will display a menu icon on the right of the screen for this role.|
|Internal User Role Only||If set, then this role can only be added to Internal users. External users will not have the option to be associated with this role.|
|UTA Role Only||This will mean that the created role is relevant only relative to records in a Universal Tracking Application™. See UTA Roles for more information. If this option is toggled on, then the role created will not be able to be assigned to a contact's profile, but rather will be selected as a role only when that contact is assigned to a UTA record.|
- Once you are done filling out the general edit fields for creating a new user role, click the Save button at the bottom.
When a user is added to a role, the role will be visible on the role list of that user's profile.
Clicking into the second tab of the New Role page will display the permissions for that role.
|Able to Set||This controls the roles that a user can add or remove when configuring other users. Typically, only System Administrators are given rights to set all roles.|
|Able to Activate||This controls the roles that a user must have before the current user can activate their user account.|
|Able to Set Password||This controls the roles that a user must have before the current user can manually set their password. For example, if you are looking at a user who has the role Applicant, but you can only set the password for the role Researcher, then you will not be able to see or access the Set Password button from the Applicant user's profile.|
|Able to Edit Email Address||This controls the roles that a user must have before the current user can edit their email address. For example, if you are looking at a user who has the role of Applicant, but you can only edit the email address for those with the role Researcher, then when you access the Applicant user's profile you will only be able to see a Read-Only version of the Email Address standard field.|
Menu Settings for Roles
When you Edit an existing role, or after you create and Save a new role, the page will reload and display a left hand menu that gives you access to different features of the role.
|Main||This will display the main details associated with the specific role, including the General page of fields as well as the Permissions that you can set for this role.|
|Current Users||This will display a list of current users associated with this role. From the current user tab, you are able to add or remove users.|
|Custom Fields||This will display a list of the Custom Fields associated with this role. You are able to add new custom fields by simply clicking the + icon on the top of the list.|
This will allow you to enable the portal associated with this specific role. You are able to activate the role-specific portal, set its priority, set its logo, and a template if necessary.
If you enable the Portal option for this role, then a new Menu tab will display on the left hand side menu.
|Shortcuts||Shortcuts can be configured depending by role either by as a Common Shortcut (for all roles) or on individual basis (for specific roles). For more information, see Shortcuts.|
|Reports||This will display a list of any Reports that the role is associated with.|
|News Feed||News feed refers to any transactions or information pulled from integrations - for example, through OFAC check, Transactions, and more. For more information, see Category: Integrations.|
Remove or Add from Current Users
You are also able to Add or Remove users in bulk when you access the Current Users section of the role's Edit Page, using the Add User button.
1. Click into the Current Users tab from the left hand side menu. The list of current users, if any, are displayed.
2. Click the + icon on the top left that will allow you to add new users to this role.
3. The Add User to Role screen will launch, with Search options including the ability to select certain roles as the results of the search.
- Tip: If this is a brand new instance, there may be no users in any role - in that case change the role field in the search options to No Role Assigned.
4. Select all of the users that you would like to associate with this role.
5. Click the Add button.
To Remove Users from a Current Role, simply go to the list of current users and select the names of the users who you would like to remove from the role. Once at least one user is selected, new buttons will appear at the top of the list that give you the ability to remove users.
Click Yes when the confirmation message appears if you are certain that you want to remove the selected user(s) from the role.