View and Manage System Role-Based Permissions

Home > Settings drop-down > System Settings > Provisioning > System Role Permissions
Project > Settings drop-down System Settings > Provisioning > System Role Permissions

While Organization Role Permissions govern the access rights of Organization Users and Organization Groups in a given Organization role, System Role permissions govern the access rights of System Users and System Groups in a given System-level role. All actions that System Users and System Groups can perform are based on a selected role and the individual actions permitted or denied for that role.

The predefined System-level roles aim to accommodate a common set of permissions that control actions on system objects. If these roles are not sufficient, new roles can be defined with selected permissions. Any new roles defined and applied will subsequently appear in the role drop-down list when a System User account is created.

Note: You cannot alter the permissions of the System Administrator role.

A System User with the appropriate permissions can use the top-level context menu to perform the following action:

  • Create a role by clicking the (New Role) option, which launches the New Role dialog. Adding a custom role enables you to start with the default System Manager permissions and then specify your own permissions set.

For a selected role, clicking the ellipses displays a context menu of available actions:

  • Set as Default – This option, which is available for all roles, marks the selected role as the default role when using New System User to add a System User.
  • Edit – This option, which is available for all roles except System Administrator, allows editing of the name of a role.
  • Copy – This option, which is available for all roles, lets you make a copy of an existing role and its set of permissions as a starting point for a new role. Supply a new, unique name for the newly copied role.
  • Delete – This option, which is available for all roles except IT Administrator and System Administrator, allows deletion of a role.

Note: When determining permissions, Digital Reef considers both the individual User role (if applicable) and the role the User has within a Group. For example, if an Organization User has both an individual User role and a Group role, the permissions for that User represent a "union" of the roles' permissions. Effectively, this means that the User gains the higher permission level when comparing each permission in the User role versus the Group role.

The provided roles include the following:

  • Role — A role represents a set of permissions to apply actions to objects. As long as you have the appropriate permissions, you can assign a System User to any role from the drop-down list of those available, which includes the predefined roles and any custom roles created. Predefined roles include the following:
    • IT Administrator — Has full permissions to manage all aspects of the system. Only a System User in the IT Administrator role has the Add/Edit and Delete permissions for Storage, which are needed to configure and manage the system storage on which extracted documents and other data are stored. (All System Roles have the View permission for Storage.) This role cannot be deleted.
    • System Administrator — Has full permissions to manage all aspects of the system except Add/Edit and Delete for Storage. Only a System User in the IT Administrator or System Administrator role can assign other System Users to the System Administrator role. This role cannot be edited or deleted.
    • System Manager (default) — Has permissions to manage many aspects of the system, but not all. For example, a System User in this role does not have permissions to perform some IT-level functions.
    • System Member — This role has a smaller set of permissions, mainly for viewing System-level information.

Note: Since there must be at least one System User in each of the IT Administrator and System Administrator roles, the last IT Administrator or System Administrator-level account cannot be deleted, nor can the role for the last IT Administrator or System Administrator-level account be modified.

The System roles list provides a central location for managing permissions across key system objects. The object permissions for each of the System roles appears in the list; select a role to see the per-object permissions for that role.

If you have the System - Role Permissions - Add/Edit permission and you want to change the individual permissions for a provided System role, it is a good practice to make a copy of that role instead of editing the existing role. That way, you can preserve the original permission set. Having System - Role Permissions - Add/Edit permission enables you to add, edit, and copy roles, and use the checkboxes for an editable role to change permissions on a per-object basis. To assign custom permissions:

  • Identify the role for which you want to assign custom permissions.
  • Examine the appropriate permissions.
  • Identify any actions that you want to change.
  • Select or clear the checkboxes controlling the actions for the appropriate role. (Selecting a checkbox grants permissions to perform the action; clearing a checkbox denies permissions to perform the action.)
  • Make sure that for the actions you include, you have all of the associated permissions set as well.

Some permissions are controlled with a single checkbox setting, but most of the System permissions provide the following levels of permissions:

  • View – Ability to view the object.
  • Add/Edit – Ability to not only view the object, but also create or edit the object.
  • Delete – Ability to not only view and add/edit the object, but also delete the object.

Note: The dependencies between the permissions are maintained as you check or clear boxes. For example, clearing View for a given object will automatically clear Add/Edit and Delete for that object, if they are set. Or, clearing Add/Edit for an object will also clear Delete, if set. Likewise, setting Add/Edit for an object will also set View. Setting Delete for an object will also set View and Add/Edit.

In general, be aware of the following:

  • Any given dialog may require multiple permissions to support different actions or lists. If you do not have all the required permissions for a given dialog, an error in the dialog will help you identify the missing permission. In general, the default roles are designed to accommodate related permissions. If you modify a role or add your own role, make sure that you have all the permissions needed.
  • Multisection dialogs and dedicated popups that are intended to include one or more lists of items for selection require the corresponding object's View permission in order to populate the list. For these dialogs and popups, note the following if you start changing individual permissions for a role:
    • Within a multi-section dialog, you will see an error if you lack the View permission that controls a given list.
    • For a popup than uses individual tabs for lists (for example, System-level templates), you will only see the tabs for which you have permissions.
  • In general, if you do not have permission to perform an individual action, you will not see the option in the list of available options. This includes right-click options, or select options within a dialog/popup. It also applies to ellipses menu operations for Settings when you do not have permissions to perform any of the operations (for example, if you lack the permissions to perform Save to Template and Load from Template operations for System-level Alias Lists).

Note: In general, to log in as a System User, you must have Projects - View permissions. This View permission should remain enabled to ensure proper functioning of a System User in the application. In addition, keep the View permission for a given type of System Template enabled for a System role to ensure that all operations listing System-level templates can do so (for example, when selecting templates for Project creation, performing a Load from Template operation, listing System Export Fields templates for New Export Stream, New Export Volume, and Generate Load File), and selecting System Metadata View Field Templates for Create Manifest).

Status Tree Node

This section contains permissions that control access to eDiscovery items from the Status drop-down menu in a Project.

Job Management... – Controls access to the Job Management screen.

  • View (Job Management - View permission) – By default, all System-level roles can view Job Management information, which controls the main page and the following:
    • Create Job Notification and View Live Log options
  • Add/Edit (Job Management - Add/Edit permission) – By default, all System roles except System Member have these permissions. System Users with these permissions can use the following operations:
    • Apply Changes or Discard Changes
    • Cancel Selected Jobs (top toolbar)
    • Create Job Notification (top toolbar)
    • Change Project Service (top toolbar), which also requires permissions to change Projects and view Services
    • Change Job order using drag & drop
    • Control the Rate column
    • Use mouse-over actions for Pause, Resume, and Cancel for a selected Job
  • Delete (Job Management - Delete permission) – A Delete action is not applicable for Job Management. By default, all System roles except System Member have this permission.

Job and Error History... – Controls access to the Job and Error History.

  • View (Job and Error History - View permission) – By default, all System roles except System Member have permission to view the Job and Error History.

Active User Sessions... – Controls access to the Active Users Sessions screen.

  • View (Active User Sessions - View permission) – By default, all System roles except System Member have permission to view the Active User Sessions.
  • Add/Edit (Active User Sessions - Add/Edit permission) – By default, only IT and System Administrators have permission to manage Active User Sessions (that is, to issue Log out on All Devices for a user).

Monitoring – Controls access to the Monitoring screen.

  • View (Monitoring - View permission) – By default, all System roles except System Member have the permission to view the Monitoring screen.

OCR Usage Report – Controls access to the OCR Usage Report option and popup that supports download of the OCR Usage Report.

  • View (OCR Usage Report - View permission) – By default, all System roles except System Member have the permissions to view the OCR Usage Report option and popup.

Settings Tree Node

This section contains permissions that control access to items that are part of the eDiscovery System Settings, and fall into one of the following three categories:

  • Configuration

  • Provisioning

  • Templates

Configuration

The following items are associated with System Configuration settings:

Note: Delete permissions are not applicable to these settings.

Password & User Logout Policy – Controls access to the Password & User Logout Policy screen.

Note: The Password Policy applies only to systems explicitly configured for Standard Authentication. eDiscovery password management in general does not apply to Systems configured for TransPerfect Authentication (the default). Both forms of authentication do observe the User Logout Policy.

  • View (Password & User Logout Policy - View permission) – By default, all System roles can view the Password & User Logout Policy information.
  • Add/Edit (Password & User Logout Policy - Add/Edit permission) – By default, only IT and System Administrators have these permissions to manage the Password & User Logout Policy information. Password policy applies only to Standard Authentication

Email Server & Notifications – Controls access to the Email Server & Notifications screen.

  • View (Email Server & Notifications - View permission) – By default, all System roles can view the Email Server & Notifications information.
  • Add/Edit (Email Server & Notifications - Add/Edit permission) – By default, only IT and System Administrators have these permissions to manage the Email Server & Notifications information.

    • View (OCR Usage Report - View permission) – By default, all System roles except System Member have the permissions to view the OCR Usage Report option and popup.

System Storage Depot – Controls access to the System Storage Depot, which is only performed once for a system.

  • View (System Storage Depot - View permission) – By default, all System roles except System Member have the permission to view the System Storage Depot configuration. This permission is required to view Virus Detection information and to view the Delete Pending Projects.
  • Add/Edit (System Storage Depot - Add/Edit permission) – By default, only IT and System Administrators have these the required permissions to validate and establish the System Storage Depot after selecting available read/write System Storage. Currently, the permission to perform validation of the Storage used to create the System Storage Depot is inherently limited to the System Administrator role, and is therefore not available to any other role, including a custom role.

Virus Detection – Controls access to the Virus Detection configuration.

  • View (Virus Detection - View permission) – By default, all System roles except System Member except System Member have these permissions to view Virus Detection information. The ability to view Virus Detection information also requires System Storage Depot - View permission.
  • Add/Edit (Virus Detection - Add/Edit permission) – By default, only IT and System Administrators have these permissions to manage Virus Detection updates.

System Message – Controls access to the System Message screen.

  • View (System Message - View permission) – By default, all System roles can view the current System Message that will appear to all eDiscovery Users after login (if one has been configured).
  • Add/Edit (System Message - Add/Edit permission) – By default, all System roles except System Member have these permissions to manage a System Message that will appear to all eDiscovery Users after login.

Provisioning

The following items are associated with System Provisioning functions:

License – Controls access to the License screen.

  • View (License - View permission) – By default, all System roles except System Member have these permissions to view the system license information. A System Member does not have view permissions for the license.

Realm Nodes – Controls access to the Realm Nodes screen.

  • View (Realm Nodes - View permission) – By default, all System roles can view the Realm Node summary information.
  • Add/Edit (Realm Nodes - Add/Edit permission) – By default, all System roles except System Member have these permissions to manage Realm Nodes using the following operations:

    • New Realm Node with Validate Storage button

    • Modifying the Realm Node type in the Summary.

    • Save and Discard Changes buttons

  • Delete (Realm Nodes - Delete permission) – By default, only IT and System Administrators have permissions to use Delete to delete a Realm Node.

Storage – Controls access to the System Storage screen.

  • View (Storage - View permission) – By default, all System roles can view the Storage summary information.
  • Add/Edit (Storage - Add/Edit permission) – By default, only IT and System Administrators have these permissions to add and manage Storage entries using the following operations:

    • New Storage

    • View/Edit – Enables viewing of Storage information for a Local Temporary Storage or Remote Document Storage entry, and editing of information for a Remote Document Storage entry not in use.

    • Validate button, which is generally available when using View/Editfor a Storage entry.

  • Delete (Storage - Delete permission) – By default, only IT and System Administrators have permissions to use Delete to delete a Storage entry that is not in use.

Services – Controls access to the Services screen.

  • View (Services - View permission) – By default, all System roles can view the Services summary information.
  • Add/Edit (Services - Add/Edit permission) – By default, all System roles except System Member have these permissions to manage Services using the following operations:

    • New Service

    • Edit the Services name and/or description.

    • Save and Discard Changes buttons for the Realm Nodes in the Service.

    • Make checkbox selections to control which Realm Nodes are available when using the Service. (Listing of Realm Nodes may require Realm Nodes _ View permissions.)

  • Delete (Services - Delete permission) – By default, only IT and System Administrators have permissions to use Delete to delete a Service.

Organizations – Controls access to the Organizations summary screen.

  • View (Organizations - View permission) – By default, all System roles can view the Organizations summary information.
  • Add/Edit (Organizations - Add/Edit permission) – By default, all System roles except System Member have these permissions to manage the Organizations using the following operations:

    • New Organization

    • Calculate Storage

    • Enable | Disable All Projects

    • Add/Remove Members

  • Delete (Organizations - Delete permission) – By default, only IT and System Administrators have permissions to use Delete to delete an Organization.

Projects – Controls access to the Project screen.

  • View (Projects - View permission) – By default, all System roles can view the Projects information. Note that this permission must remain enabled to ensure that a System User can log in to eDiscovery. If it is cleared, you will see a permissions error.
  • Add/Edit (Projects - Add/Edit permission) – By default, all System roles except System Member have these permissions to manage the Projects, and can use the following:

    • Enable | Disable All Projects in <Organization_name>

    • Add/Remove Members

    • Change Service

  • Delete (Projects - Delete permission) – By default, all System roles except System Member have these permissions to use Delete Project to request deletion of a Project.

Delete Pending Projects – Controls access to the Delete Pending Projects screen.

  • View (Delete Pending Projects - View permission) – By default, all System roles except System Member have these permissions to view the list of Projects in a Delete Pending state. The ability to view the Delete Pending Projects information also requires System Storage Depot - View permission.
  • Add/Edit (Delete Pending Projects - Add/Edit permission) – By default, IT and System Administrators can use the options to approve or deny a request to delete a Project in the PENDING state.

Deleted Projects – Controls access to the Deleted Projects screen.

  • View (Deleted Projects - View permission) – By default, all System roles except System Member have these permissions to view the list of deleted Projects.

System Role Permissions – Controls access to the System Role Permissions screen.

  • View (System Role Permissions - View permission) – By default, all System roles except System Member have these permissions to view the System Role Permissions information.

  • Add/Edit (System Role Permissions - Add/Edit permission) – The System Administrator role cannot be edited, but it can be copied. By default, only IT and System Administrators have these permissions and can use the following:
    • (New Role) to add a custom role
    • Set as Default (System Manager is the default role)
    • Edit (name, for Roles other than the System Administrator role)
    • Copy
    • Make checkbox selections for an eligible role.
    • Save or Discard Changes
  • Delete (System Role Permissions - Delete permission) – The System Administrator role cannot be deleted. By default, only IT and System Administrators can delete a role at the system level.

System Users – Controls access to the System Users screen.

  • View (System Users - View permission) – By default, all System roles can view the list of System Users.

  • Add/Edit (System Users - Add/Edit permission) – By default, all System roles except System Member have these permissions and can use New System User or use context-menu options such as Edit to manage System User information. Note that Retry TP Auth Setup will apply only to System User entries on a TP Auth system that have a status of Failure, and Change Password and Unlock will apply only to System User entries on systems configured for Standard Authentication. Only IT and System Administrators can add another System User in the System Administrator role. For example, a System User with a role of System Manager cannot promote themselves to a role of System Administrator. Note that New System User and Edit for a System User also require System - Role Permissions - View permission for role selection. This is also true for the Add to / Remove from Organizations option when assigning member Organizations for a System User and selecting a role.

  • Delete (System Users - Delete permission) – By default, only IT and System Administrators can use Delete to delete a System User.

System Groups – Controls access to the System Groups screen.

  • View (System Groups - View permission) – By default, all System roles can view the list of System Groups. This permission is required to view System Groups, which also requires System Users - View to list the System Users in a selected System Group.

  • Add/Edit (System Groups - Add/Edit permission) – By default, only IT and System Administrators have permissions to add a System Group or modify System Group information. This permission is required to use New System Group to add a System Group, Add/Remove Members to modify System Group members, or Edit to edit System Group information. It is also required for the Add to / Remove from Organizations option when managing Organization membership for the System Group. Note that the ability to view System Groups and the System Users in the Group as well as the ability to control System Group members with Add/Remove Members requires System Users - View permission. Note that New System Group and Edit for a System Group also require System - Role Permissions - View permission for role selection. This is also true for the Add to / Remove from Organizations option when assigning member Organizations for a System Group and selecting a role.

  • Delete (System Groups - Delete permission) – By default, only IT and System Administrators can use Delete to delete a System Group.

Templates

The following items are associated with System-wide Template Profiles and System Templates:

Template Profiles – Controls access to the Template Profiles that can be pushed to one or more Organizations.

  • View (Template Profiles - View permission) – By default, all System roles can view the information for a Template Profile.

  • Add/Edit (Template Profiles - Add/Edit permission) – By default, all System roles except System Member have permissions to edit a Template Profile and its information, including the checkbox options, and use the Save, Discard Changes, and Save to Organizations buttons.

  • Delete (Template Profiles - Delete permission) – By default, all System roles except System Member have permissions to delete a Template Profile.

About Save to Template and Load from Template Operations for System Settings

For the following System Template settings, the Save to Template and Load from Template template commands generally require the following:

Note: By default, System Administrators and System Managers have the permissions needed to perform either of these operations for a given Setting, but System Members will not see the ellipses menu for the Setting.

  • Save to Template - You must have Add/Edit permissions for a given Setting to use the Save to Template option to save System settings to a new or existing template for that Setting. This could be an Organization template (of a member Organization) or a System template for that Setting. When saving to a System template, you can either select an existing System template, or you can select the top-level (New Template,) which launches the New Template dialog.
  • Load from Template - You must have Add/Edit permissions for a given System Setting to use the Load from Template option to load settings from a selected template to that Setting. Loading from an Organization template also requires View permissions for that Organization Setting, to list the Organization templates on the Organization Templates tab in the Load from Template dialog. In general, the listing of System Templates on the System Templates tab in the dialog requires System-level View permission for a given Setting. (This means you must be a System User in a role with at least View permission to see a list of System templates for a particular type of template in the dialog.) Not all Settings can be configured in templates at the System level (for example, Alias Lists).

Analytic Settings– Controls access to System Analytic Settings templates.

  • View (System - Analytic Settings - View permission) – By default, all System roles can view System Analytic Settings templates.

  • Add/Edit (System - Analytic Settings - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Analytic Settings templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template > Load from Template
    • Selected template > Edit
    • Analytic Setting selections
    • Save or Discard Changes
  • Delete (System - Analytic Settings - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Analytic Settings template.

Billing Reports – Controls access to System Billing Report templates.

  • View (System - Billing Reports - View permission) – By default, all System roles can view System Billing Reports templates.

  • Add/Edit (System - Billing Reports - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Billing Reports templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template > Load from Template
    • Selected template > Edit
    • File type selections (and drag-and-drop controls) to exclude from billing in the Project:
    • Save or Discard Changes
    • Add File Type Group and icons for a File Type Group or specific File Type
  • Delete (System - Billing Reports - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Billing Reports template.

Domain Lists – Controls access to System Domain List templates.

  • View (System - Domain Lists - View permission) – By default, all System roles can view System Domain List templates.

  • Add/Edit (System - Domain Lists - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Domain List templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template Load from Template
    • Selected template > Edit
    • New Domain List
    • Selected Domain List > Edit
    • Selected Domain List > Delete
    • Add Domains to add Domains within a List
    • Selected Domain > Delete Selected
  • Delete (System - Domain Lists - Delete permission) – By default, all System roles except System Member have permission to use Delete for a selected System Domain List template.

Excluded Content – Controls access to System Excluded Content templates.

  • View (System - Excluded Content - View permission) – By default, all System roles can view System Excluded Content templates.

  • Add/Edit (System - Excluded Content - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Excluded Content templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template > Load from Template
    • Selected template > Edit
    • New Content Block
    • Selected Content Block > Edit
    • Selected Content Block > Duplicate
    • Selected Content Block > Delete
  • Delete (System -Excluded Content - Delete permission) – By default , all System roles except System Member have permissions to use Delete for a selected System Excluded Content template.

Export Fields – Controls access to System Export Fields templates.

  • View (System - Export Fields - View permission) – By default, all System roles can view System Export Fields templates. Note that this permission is needed for operations that list System Export Field templates (for example, New Project, New Export Stream, New Export Volume, and Generate Load File).

  • Add/Edit (System - Export Fields - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Export Fields templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template Load from Template
    • Selected template > Edit
    • Export Field selections (and positioning)
    • Save or Discard Changes
    • New Transformed Field
    • Reset to Defaults
    • Download (.xml)
    • Load from .xml file
  • Delete (System - Export Fields - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Export Fields template.

Export Settings – Controls access to System Export Settings templates.

  • View (System - Export Settings - View permission) – By default, all System roles can view System Export Settings templates.

  • Add/Edit (System - Export Settings - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Export Settings templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template Load from Template
    • Selected Template > Edit
    • Export Setting selections
    • Save or Discard Changes
  • Delete (System - Export Settings - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Export Settings template.

Index Settings – Controls access to System Index Settings templates.

  • View (System - Index Settings - View permission) – By default, all System roles can view System Index Settings templates.

  • Add/Edit (System - Index Settings - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Index Settings templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template Load from Template
    • Selected Template > Edit
    • Index Setting selections
    • Save or Discard Changes
  • Delete (System - Index Settings - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Index Settings template.

Metadata Search Fields – Controls access to System Metadata Search Field templates.

  • View (System - Metadata Search Fields - View permission) – By default, all System roles can view System Metadata Search Fields templates.

  • Add/Edit (System - Metadata Search Fields - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Metadata Search Fields templates and can use the following:
    • New Template
    • Project-level Metadata Search Fields > Save to Template or Selected template > Save to Template
    • Load from Template
    • Selected template > Edit
    • Metadata Search Field selections
    • Save or Discard Changes
  • Delete (System -Metadata Search Fields - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Metadata Search Fields template.

Metadata View Fields – Controls access to System Metadata View Fields templates.

  • View (System -Metadata View Fields - View permission) – By default, all System roles can view System Metadata Search Fields templates. This also controls the Create Manifest > From Metadata View Fields Template option with System template selection.
  • Add/Edit (System - Metadata View Fields - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Metadata View Fields templates and can use the following:
    • New Template
    • Selected template > Save to Template
    • Selected template Load from Template
    • Selected template > Edit
    • Metadata View Field selections
    • Save or Discard Changes
  • Delete (System - Metadata View Fields - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Metadata View Fields template.

Patterns – Controls access to System Patterns templates.

  • View (System - Patterns - View permission) – By default, all System roles can view System Pattern templates.
  • Add/Edit (System - Patterns - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Pattern templates and can use the following:
    • New Template
    • Selected template > Save to template
    • Selected template Load from Template
    • Selected template > Edit
    • New Pattern
    • Selected Pattern > Edit
    • Selected Pattern > Copy
    • Selected Pattern > Delete
  • Delete (System - Patterns - Delete permission) – By default, all System roles except System Member have permissions to delete a selected System Patterns template.

Reports – Controls access to System Reports templates.

  • View (System - Reports - View permission) – By default, all System roles can view System Reports templates.
  • Add/Edit (System - Reports - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Reports templates and can use the following:
    • New Template
    • Selected template > Save to template
    • Selected template Load from Template
    • Selected template > Edit
    • Selected Reports settings
    • Save or Discard Changes
  • Delete (System - Reports - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Reports template.

Search Settings – Controls access to System Search Setting templates.

  • View (System - Search Settings - View permission)– By default, all System roles can view System Search Setting templates.
  • Add/Edit (System - Search Settings - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Search Setting templates and can use the following:
    • New Template
    • Selected template > Save to template
    • Selected template Load from Template
    • Selected template > Edit
    • Selected Search settings (all configurable items)
    • Save or Discard Changes
  • Delete (System - Search Settings - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Search Setting template.

Survivorship Model – Controls access to System Survivorship Model templates.

  • View (System - Survivorship Model - View permission) – By default, all System roles can view System Survivorship Model templates.
  • Add/Edit (System - Survivorship Model - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Survivorship Model templates and can use the following:
    • New Template
    • Selected template > Save to template
    • Selected template Load from Template
    • Selected template > Edit
    • Survivorship Model query selections
    • Save or Discard Changes
  • Delete (System - Survivorship Model - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Survivorship Model template.

Tags – Controls access to System Tag templates.

  • View (System - Tags - View permission) –By default, all System roles can view System Tag templates.
  • Add/Edit (System - Tags - Add/Edit permission) – By default, all System roles except System Member have permissions to edit System Tag templates and can use the following:
    • New Template
    • Selected template > Save to template
    • Selected template Load from Template
    • Selected template > Edit
    • New Tag (Organization level)
    • Selected System Tag > Edit
    • Selected System Tag > Delete
  • Delete (System - Tags - Delete permission) – By default, all System roles except System Member have permissions to use Delete for a selected System Tag template.

Save or Discard Changes Options

If you do not save your role changes before navigating away, you will be prompted to either save your changes and continue navigating away, discard your changes and continue navigating away, or cancel your changes and remain in the current location.

  • Save – Saves your changes to the role and its permissions. This button becomes active once you make changes.
  • Discard Changes – Discards your changes to the role and its permissions.