Modifying the default user permissions
By default, all of the user actions are enabled by default for everybody. User actions are activities such as creating an account, viewing records, editing profiles, and other actions. However, not everyone in your company can be permitted to do every action. You define these permissions through self serve.
Steps
You first create a Default_All
category and disable all actions for everybody. Then, for each user role, specify their permissions.
- Log in to the web app.
- On the left panel, click Customize > Global Settings.
- Scroll down to Advanced Settings and click JSON Configurations.
- Search for the
settings
object, expand it, and look for theuserRolePermission
object. - For users to have permissions, add their roles in
userRolePermission
. To restrict their permissions, create aDefault_All
category, set all permissions tofalse
, and then grant permissions to specific roles. For an example, see the code snippet in Example configuration.
Default_All
is the default
User roles that aren't specified in the userRolePermission
automatically take the Default_All
permission.
Example configuration
The following JSON array shows a configuration with two user roles zsm
and asm
. These two roles have different permissions for different user actions. The third category is a DEFAULT_ALL
category that has no permissions to anything at all.
{
"userRolePermission": {
"zsm": {
"disableAdd": true,
"disableVisibility": true,
"disableLock": true,
"disableEdit": false,
"disableBulkUpload": true,
"disableExport": true,
"disablePasswordReset": true,
"disableChangeManager": false,
"disableBulkNotification": true,
"disableNotification": true
},
"asm": {
"disableAdd": true,
"disableVisibility": true,
"disableLock": true,
"disableEdit": false,
"disableBulkUpload": true,
"disableExport": true,
"disablePasswordReset": true,
"disableChangeManager": false,
"disableBulkNotification": true,
"disableNotification": true
},
"DEFAULT_ALL": {
"disableAdd": false,
"disableVisibility": false,
"disableLock": false,
"disableEdit": false,
"disableBulkUpload": false,
"disableExport": false,
"disablePasswordReset": false,
"disableChangeManager": false,
"disableBulkNotification": false,
"disableNotification": false
}
}
}
- Click Save. You see a message that the changes are now saved as a draft.
- In the message box, click Go To Release Management so that you can move the changes permanently to the live configuration.
- Click Create a UAT release. Specify the release details and make sure to enter your own email ID because that's where you receive a one-time password (OTP) to continue with the process. Click Proceed.
- Enter the OTP you received in the email, and click Submit. Wait for a while till you see a confirmation message saying the process is complete.
- To see the changes, log out and log in again.