Adding an access role to an application

You can add Rule-Access-Role-Name rules and associated Rule-Access-Role-Obj rules to the current application to define the classes that a user can view, update, and delete through the Access of Role to Object and Access Deny rule types.

  1. In Dev Studio, click Configure > Org & Security > Groups & Roles > Access Roles.
    The tab displays the access roles for the current application. If there is a work queue with the same name as the second portion of the Role Name it is also displayed.
  2. Click the Add icon to open the Add a New Role dialog box.
  3. Enter all the required information in the dialog box. You can add an access role and corresponding Rule-Access-Role-Obj rules based on your current access role, or clone them from another specified role.
    1. Role Name – Enter an access role name in the form RuleSetName:RoleName. Choose a name that is unique system-wide.
    2. Optional: Description – Enter a short text description for the access role.
    3. Optional: Clone From – Create the Rule-Access-Role-Obj rules for the new role by copying those associated with a specific existing access role, identify that source access role here. If you leave this blank, the Submit button uses your current access role as the source.
    4. Create Work queue – Select to create a work queue of the same name as the Role Name.
    5. RuleSet – Chose a ruleset from the list, or click the add icon to enter a new ruleset version.
    6. RuleSet Version – Select the version of the ruleset that you entered in the RuleSet field.
  4. Click Submit.
  5. To view all the access roles in the application with rulesets and ruleset versions associated with them, click Configure > Org & Security > Tools > Security > Role Names.
  6. Optional: To delete an access role, click the Delete icon in the table row. Any corresponding Rule-Access-Role-Obj instances are also deleted. Optionally, you can delete the corresponding work queue instance, if it exists.