Application Roles

Click below to move to a specific heading in this topic HideClick below to move to a specific heading in this topic Show

Application Roles

Application Roles are roles used for regulating access to specific application components, and performing certain actions in the Administrator module. The system is responsible for properly sharing and managing application features; however, in order to ensure the integrity of the system, Permissions are established to govern users/user groups that can perform Administration Management. Custom Application Roles can be created per your agency's requirements. Application Roles are either system or user defined roles. For user defined roles, users can configure roles for users or user groups.

Below are the default System Defined Application Roles:

System Administrator: Users/Groups assigned to this role inherit all application Role Permissions.
Action Office Manager: Users/Groups assigned to this role inherit only assigned Permissions.
ATIP Officer: Users/Groups assigned to this role inherit only assigned Permissions.
User: Users/Groups assigned to this role inherit only assigned Permissions.
EDR Role: Users assigned to this role are given access to the Electronic Document Review feature of the application, and are counted against the purchased EDR license count.

Role Permissions

Application Role Permissions are used to regulate access to specific application components and to perform certain actions. The system is responsible for properly sharing and managing Requests, however, in order to ensure integrity of the system, Permissions are established to govern users that can perform request management, work on documents, or work with reports. User Groups allow Permissions to be assigned to each user in the group. All members of the group will inherit the same Permissions.

The Role Permissions described below provide the option to choose the necessary Permissions required for each role, per your organization's requirements. To assign all Permissions to a role, select the Select All checkbox.

Role Permission	Description
Action Offices	Permission to create, edit and delete Action Offices.
Add/Remove to Reading Room	Permission to add/remove Folders to/from the PAL Reading Room.
Electronic Document Review (EDR)-Configuration	Permission to configure Electronic Document Review (EDR).
Annual Report - Edit	Permission to edit the Annual Report.
Annual Report Publishing	Permission to publish the Annual Report.
Annual Reports	Permission to generate, view and print the Annual Report.
Application Roles	Permission to create, edit and delete Application Roles.
Audit	Permission to generate User Audit Reports.
Correspondence Templates	Permission to create, edit and delete Correspondence Templates.
Custom Fields	Permission to create, edit and delete Custom Fields.
Declassification - Configuration	Permission to configure the Desclassification tool.
Document Management	Permission to access Document Management.
Document Publishing/Unpublishing	Permission to publish/unpublish to/from the PAL Reading Room.
Document Reports	Permission to view and customize the Documents Workload Estimation Report, Documents Requests Report, and the Document Inventory Report. (!!) Note: Users without this Permission will not see the Document Reports option under the Reports tab and the Documents report type option under Custom Reports.
Enterprise	Permission to view and configure Enterprise information.
Fee Structure	Permission to work with Fee Structures.
File Cabinet Drawer Roles	Permission to create, edit, and assign File Cabinet Drawer Roles.
File Cabinet Drawers	Permission to set up Custom Fields for File Cabinet Drawer, create, edit and delete Sections, create, edit and delete File Cabinet Drawers, and work with File Cabinet Drawers and Folder templates.
Jobs	Permission to view Jobs.
Lookup Configuration	Permission to create, edit, and delete Lookup fields.
Mass Request Assignment	Permission to perform Mass Request Assignment to ATIP officers.
Merge Requester	Permission to select and merge Requesters.
PAL Reading Room - File Cabinets	Permission to create, edit and delete PAL Reading Room File Cabinets.
Program Offices	Permission to create, edit and delete Program Offices.
Redaction Codes	Permission to create, edit and delete Redaction Codes.
Request Management	Permission to access the Requests module and search for Requests using the Quick Search feature.
Request Reports	Permission to customize, generate, view and print reports on Custom, Billing and Request Management reports.
Request Type Roles	Permission to create, edit, delete, and assign Request Type Roles.
Request Types	Permission to create, edit and delete Request Types.
Requester Categories	Permission to create, edit and delete Requester Categories.
Requester Management	Permission to access the Requesters module and search for Requesters using the Quick Search feature.
Retention	Permission to create, edit and delete Retention Policies.
Security Configuration	Permission to configure Security settings.
System Configuration	Permission to configure settings for the following: Annual Report Header Template, Billing, Correspondence, Correspondence Templates, Error Message, Fiscal Year, General Settings, Help Links, New User Notifications, PAL, Reports, Request, Request Notifications, Services, and Technical Support.
System to System Request Submission	Permission to submit requests to connected systems using the S2S integration.
User Custom Reports	Permission to customize, generate, view and print reports on User Actions and User Logins
User Group Management	Permission to create, edit and delete User Groups.
User Management	Permission to create, edit and delete Users.

Levels of Permissions

There are two levels whereby Permissions can be granted:

Level	Description
Group Level	The group level allows assignments of Permissions to each user included in the group. All members of the group will inherit the same Permissions.
User Level	The user level allows for assignment of Permissions to specific users.

Create Application Role

Users with the required Permissions can create as many Application Roles as needed. Follow the steps below to create an Application Role:

Click Administration > Organization Setup > Application Roles. The Application Roles window displays as shown below.
Click New. The New Application Role screen displays as shown below.

Enter information in the fields described below per your agency's requirements.

Field	Description
Role Information
Role Name	The name of the Application Role.
Description	A brief description of the Application Role.
Role Assignment
Users/Groups List	A description box to Add Users and Groups, which also includes removal options. Group names are shown in bold font.
Role Permissions
Role Permissions	The Permissions required for each role, per your organization's requirements. To allocate all Permissions to a role, select Select All from the list of Permissions. For a description of the available Role Permissions, see the table under Application Roles.

While in the New Application Role screen (see step 2 above), click Add Users or Add Groups to browse and select the user(s) or group(s) to assign Permissions to.
Select or de-select the Role Permissions to enable or disable.

(!!) Note: Permissions related to Declassification, Retention Management, PAL, or Electronic Document Review will be available only when the respective modules are configured with the application.
Click Save. A verification message displays.
Click OK.

Steps to Edit an Application Role

Users with the required Permissions can edit Application Roles. Follow the steps below to edit an Application Role:

Click Administration > Organization Setup > Application Roles. The Application Roles window displays.
Select the Application Role you want to edit.
Click Edit. The Edit Role window displays.
Make any necessary changes to the Application Role.
Click Save. A verification message displays.
Click OK.

Application Role Permissions

Application Role Permissions are used to regulate access to specific application components and to perform certain actions. The system is responsible for properly sharing and managing Requests, however, in order to ensure integrity of the system, Permissions are established to govern users that can perform Request management, work on documents, or work with reports. User Groups allow Permissions to be assigned to each user in the group. All members of the group will inherit the same Permissions.

(!!) Note: An explanation of the available Application Role Permissions can be found under Application Roles.

(!!) Note: Permissions related to Declassification, Retention Management, PAL, or Electronic Document Review will be available only when their respective modules are configured.

Follow the steps below to assign Application Role Permissions to a User Group/User:

While in the Edit Role screen (see step 3 above), click Add Users or Add Groups to browse and select the user(s) or group(s) you want to assign Permissions to.
Select or de-select the Role Permissions you want to enable or disable.
Click Save. A verification message displays.
Click OK.

(!!) Note: System Defined Application Role Permissions cannot be edited.

Delete an Application Role

Users with the required Permissions can delete an Application Role. Follow the steps below to delete an Application Role:

Click Administration > Organization Setup > Application Roles. The Application Roles screen displays.
Select the Application Role you want to delete, then click Delete. A verification message displays.
Click OK. A confirmation message displays.
Click OK.

(!!) Note: If an Application Role is associated with a User or User Group, it cannot be deleted.