Logged in: Logged in as: Log in
FAQ
Search:
Page last modified 14:16, 14 Aug 2009 by Admin
Documentation Wiki > Roles and Permissions
Page Notifications Off

Roles and Permissions

This document contains conceptual, procedural, and scenario information on using roles and permissions. Roles and permissions are tools of the Enterprise 2.0 edition.

What Is a Role

A role is a collection of permissions that allow or deny actions on an item or item property. If a permission is not set, the permission has the same effect as a deny.

For example, a user has a collection of permissions for an email item that allow him/her to create, view, and update an email and denies permission to delete an email. This same user may have permissions for an image item that allow him/her to upload and view an image and denies permission to update or delete an image.

In the following image the user has access to the actions that have check marks in the allow column. The user can create, view, and update an email but cannot delete one. Notice that many of the check boxes are not set. Therefore, this user does not have permission to perform those actions.

Permissions (1).jpg

Roles are assigned to users and business units. Roles assigned to a business unit apply to all users in that business unit. Therefore, a single user can have multiple roles. The application aggregates permissions from all roles for each user. 

Users inherit roles from their business units. Child business units inherit roles and permissions from their parent when you select the Force Inheritance checkbox when managing business unit roles.

Characteristics of different types of roles are:

  • User Roles - Permissions stay with the user regardless of business unit
  • Business Unit Roles - Any user working in a business unit acquires the role and permissions of the business unit 
  • Individual Role - Permissions specifically assigned to the individual

The system uses the permissions aggregated from all of a user's roles according to the following logic to determine whether the user can access an item:

  • If no permission of the assigned role has explicitly granted access to an action, the action is denied
  • If one of the permissions of the assigned role has explicitly denied access to an action, the action is denied
  • Otherwise, the action is granted

Why Use a Role or Permission

Use roles and permissions to manage and control access to actions that can be taken against data in the application. You might create a Content Creator role for a user to create emails but not send them. You might want to create a content reviewer role for a user to only read content.

Typical roles may include Administrator, Content Reviewer, Content Creator, or Analysis. You can find more information on setting up roles and permissions in the Roles and Permissions Configuration Guide.

Use roles to enforce your security policies.

How to Create a Role and Assign Permissions

  1. Click the Admin tab.
  2. Click Account Settings.
  3. Click Roles.
    The Roles workspace opens.
  4. Click Create from the toolbar.
  5. Complete the Properties section.
  • Name - The name of the role
  • External Key - Unique identifier in the ExactTarget database
  • Description - Textual description for the role
  1. Complete the Permissions section - Click allow or deny as applicable for each permission. If a permission is not selected, the permission is considered the same as a deny

Note: When you check an item in the allow column, you are checking all the permissions in the allow column related to the item. This is also true for the deny column. If you want to assign some permissions to an item, check each individual permission for the item.

How to Delete a Role

  1. Click the Admin tab.
  2. Click Account Settings.
  3. Click Roles.
    The Roles workspace opens.
  1. Check the checkbox in front of the role you want to delete.
  2. Click the Delete menu item

The role is deleted. Permissions for a user and a business unit are recalculated when a role is deleted.

How to Update a Role

  1. Click the Admin tab.
  2. Click Account Settings.
  3. Click Roles.
    The Roles workspace opens. 
  4. Click the role name that you want to update.
    The Role properties and permissions workspace opens.
  1. Make changes as necessary.
  2. Click the Save button to return to the Roles workspace.

How to Assign a Role to a User

  1. Click the Admin tab.
  2. Click My Users.
  3. Check the checkbox in front of the name of the user for which you want to assign roles and click the Manage Roles menu item. 
    The user workspace opens.
  1. Select a business unit from the drop down box that contains the role you want to assign.
  2. Click the Edit Roles link.
  3. (Optional) Check/uncheck the checkbox in front of the role(s) you want to assign/unassign.
  4. (Optional) Check/uncheck the checkbox in front of the permission(s) you want to assign/unassign.
  5. Click the Save button to save the settings and return to the My Users workspace. Click the Cancel button to not save the settings and return to My Users workspace.

How to Assign a Role to a Business Unit

  1. Click the Admin tab.
  2. Click Account settings.
  3. Click Business Units.
  4. Check the checkbox in front of the business unit for which you want to assign roles.
  5. Click Manage Roles
  6. Check/uncheck the checkbox in front of the role(s) you want to assign/unassign.
  7. Click the Save button to save the settings and return to the Business Units workspace. Click the Cancel button to not save the settings and return to the Business Units workspace.

How to Create a Shared Item

Note: If an item is placed in its respective shared folder and no other action is taken by the owner of the item, all business units will have full access to that item.

  1. Click the Content tab.
  2. Click Shared Items.
  3. Click the folder that contains the item type you want to create. You can create the following types of items:
  • Emails
  • Templates
  • Portfolio Items
  • Content
  1. Click the Create button from the toolbar. 
  2. Follow the instructions in the dialog box that opens. 
  3. Click the Save button to save the settings and return to the shared items workspace.  
  4. Click on the Permissions menu item.
  5. Apply a role and set permissions for the shared item.
  6. Click the Save button to save the settings and return to the shared items workspace. 

How to Change Permissions for a Shared Item

You must be the owner of an item to change permissions for the item. As the owner of the item, you can perform all operations on the item, even if you remove permissions from your business unit.

  1. Select the Content tab.
  2. Click Shared Items.
  3. Click the folder of the items to share.
  4. Select the checkbox next to the item to share. 
  5. Click Permissions.
  6. Select the checkbox next to the business unit for which you want to edit the permissions.
  7. Click Edit Permissions.
  8. Check/uncheck permissions for the business unit.
  9. Click the Save button to save the settings and return to the edit permissions workspace. Click the Cancel button to not save the settings and return to the edit permissions workspace.
  10. Click the Return menu item to return to the shared items workspace.

How to Define a Subscriber Filter

Click here for more information on data filters and on how to define data filters.

  1. Click the Admin tab.
  2. Click Business Units.
  3. Check the checkbox next to the business unit for which you want to create the filter.
  4. Click the Define Subscriber Filter menu item. 
  5. Complete the filter criteria.

The results of this filter will become the all-subscribers list for the business unit.

On the business unit detail, you can control the unsubscribe options. This controls behavior of the entire unsubscribe, and not the individual list opt-out.

  1. Click the Save button to save the settings and return to the business units workspace. Click the Cancel button to not save the settings and return to the business units workspace. 
Tag page
What links here

Files 0

Attach file or image
 

Images 1

« prev next »
Viewing 1 - 1 of 1 images | View All
No description
Permissio...  Actions
You must login to post a comment.
Powered by MindTouch Standard 2009