Manage application roles
Use the Roles portlet to create and manage template and application roles. Each role defines access to the template or the application and to pages and application components. User access to application templates and applications is derived from the portal access control settings that you specify using the Resources Permissions portlet and refined by the membership roles that you create and manage using the Roles portlet.
Parent
Work with instances of composite applications
Previous
Manage application pages
Next topic
Assign members to applications
View application roles
From the list of application roles, you can view the name and general permissions provided by each role, edit the definition of a role, create new roles, and delete roles.
- View all roles that are available for you to assign to members of the selected application template or application.
Roles vary from template to template, and application to application. Each application template and application initially provides two roles that you can customize to create new roles:
AdministratorsAdministrators can edit the template or application and control its membership. Application members in this role have Manager access to all pages of the template or application. As application managers, they can create, edit, and delete shared resources.
UsersUsers can view and use the template or application. Application members in this role have User access to all pages of the template or application. As application users, they can view portal content.
- For each role listed, view its description.
Role descriptions generally identify the access that members in the role have for working with the application and the membership of the application.
- For each role listed, view the permissions that members in the role have for editing the application or managing members or both.
- Edit Application, if checked, indicates that members in the role can edit application properties, page layout, and roles.
- Manage Members, if checked, indicates that members in the role can control the membership of the application using the Members portlet. Managing members includes adding and removing individuals and groups to the membership list and assigning roles to members.
- Sort the list of roles by clicking the Name column header to toggle between ascending and descending order.
- Click New to create a new role for members.
- Click a role name to edit the definition of the role: its name, description, and access settings.
- Click the Delete icon to delete the role from the application.
You cannot delete a role if any one of the following conditions exist:
When you delete a role, all individuals and groups who are assigned to that role lose their membership in the application.
- The role is the only role remaining for the application that allows application editing.
- You are assigned the role.
Create application roles
When you create a new role, you name and describe the role and select the access that members assigned to the role will have to the application, the pages of the application, and to the application components. You can create roles when you are working in a template or when you are working in an application.To create a new role:
- Click New.
- From the list Create a new role based on this role: select an existing role or select none to use the default settings.
- Type a Role name.
- Type a Description for the role.
- Select the Application Access Settings that you want members in the role to have when they work with the application.
The additional settings extend the basic permission that all members in the role have to view all pages of the application.
- If you want members assigned to the role to be able to edit the application, click Also allow members in this role to edit the application.
If you select this option, the second option is automatically selected because a role that allows application editing must also allow membership management.
- If you want members assigned to this role to be able to add and remove members and assign members to roles, click Also allow members of this role to manage the membership of the application.
This setting is not optional if you have selected the first option. You can, however, choose to allow members of the role to manage membership without allowing application editing.
- Select the Pages and Components Access Settings that you want members in the role to have for all application pages and for each application component.
Each access level that is available for selection is described.
- Click OK to save the role.
Edit application roles
You edit an application role by changing the values of its name, description, and access settings. The access settings that you can specify will vary because they depend on the components defined for the application by the application template.To edit a role:
- Click the name of the role you want to edit.
- Type a new Role name.
- Type a new Description for the role.
- Select the Application Access Settings that you want members in the role to have when they work with the application.
The additional settings extend the basic permission that all members in the role have to view all pages of the application.
- If you want members assigned to the role to be able to edit the application, click Also allow members in this role to edit the application.
If you select this option, the second option is automatically selected because a role that allows application editing must also allow membership management.
- If you want members assigned to this role to be able to add and remove members and assign members to roles, click Also allow members of this role to manage the membership of the application.
This setting is not optional if you have selected the first option. You can, however, choose to allow members of the role to manage membership without allowing application editing.
- Select the Pages and Components Access Settings that you want members in the role to have for all application pages and for each application component.
Each access level that is available for selection is described.
- Click OK to save the role.