View Permissions - User Record

The User Record page displays all permissions a user has in all the roles to which the user is assigned. Each permission's constraints are also displayed. An administrator can add further individual constraints to their existing permissions.

To view a user's permissions, go to Admin > Tools > Core Functions > Users. Then, select the Permissions option in the Options drop-down for the user.

PERMISSION NAME PERMISSION DESCRIPTION CATEGORY
Security Administration - Manage Grants ability to create, modify and constrain security roles within the portal, and assign users to those security roles. This permission can be constrained by OU, User's OU, User, and User Self and Subordinates. This is an administrator permission. Core Administration
Users - View Grants the ability to search for and view summary information about users in the portal via the Admin/Users screen. This permission can be constrained by OU, User's OU, User Self and Subordinates, and Users. If multiple constraints are added, these constraints are considered OR statements. This is an administrator permission. Core Administration

Roles and Constraints

The following information is displayed for the user:

  • Security Roles - This displays the security roles to which the user is assigned. This does not include system defined roles.
  • System Defined Security Roles - This displays the system defined security roles to which the user is assigned.

Add General Permission Constraints

Select the Add General Constraint link to add a general constraint to all of the user's permissions that can be constrained.

Permissions Constraints Details

Select the Permissions Constraints Details link to open the Permissions Constraints Details page where the administrator can view each of the user's security roles, permissions, constraints, and permission modification history. See View Permissions Constraints Details.

This link is only available to administrators with the appropriate permissions, and it is only available for users within the administrator's permission constraints.

Role Permissions

The Role Permissions section displays all of the user's permissions except for the permissions in system defined roles. General constraints and permission specific constraints can be added to these permissions. Constraints can be changed at the user level in addition to the security role level. If you change constraints at the user level, you are changing the constraints for just that user, rather than all users in the role.

  • To add a general constraint to all of the user's constrainable permissions, click the Add General Constraint link in the Security Role & Constraints section.
  • To add a permission specific constraint, click the Add Constraint icon next to the appropriate permission.

Best Practice: Generally, it is not recommended to change permission constraints at the user level. This is because if you change constraints at the user level and then later make changes to the role a user is in, the system overwrites the user level constraints as a result of the changes made to the role.

Helpful Hints

If the user has a permission constrained related to the availability criteria selection tool (i.e., All reports, Knowledge Bank Topics, Catalog Manager, Announcements, Events, Sessions, etc.) then the availability they select will only include users who are also in the Organizational Units by which they are constrained. For example, if a user is constrained to Location: Los Angeles and Division: Main they will only be allowed to select availability within those organizational units.