User Settings
      Back to home
      1. Help Centre
      2. Getting started & Resources
      3. User Settings

      Add New Security Role

      This article shows you how to add new custom Security Roles to the system by copying existing Security Roles and editing their permissions. This allows you to have various Security Roles for each Security Role Type that are configured to fit different purposes.

      For example, you might want to create two Line Manager roles, one that enables certain managers to review compensation and approve holiday requests for their team and one that enables other managers to only approve holiday requests.

      There are two ways to add a new Security Role:

      1. Based off of one of the 4 standard Security Roles (HR Professional, Restricted HR Professional, Line Manager, Self Service).
      2. Based off of a previously copied role.

      Note:

      • It is recommended not to change the standard Security Roles so you can keep them as 'defaults'.
      • Copying a Security Role will copy all of its set permissions to the new role.

      When creating a new Security Role, you should follow this checklist to ensure you have considered all of the options / permissions that are inherited from the copied standard role:

      1. Create the New Role
      2. Check Notifications
      3. Edit Security Configuration
      4. Check Document Category and Attachment Category Permissions
      5. Notes on Security Roles and Permissions

      1. Create the New Role

      Navigate to: Administration >> Security Roles.

      Security Roles - Cezanne OnDemand - Opera
      1. Select Add New Security Role.
      1. Create the New Role
      2. Choose the Security Role Type for your new role (HR Professional, Restricted HR Professional, Line Manager or Self Service).
      3. Select which existing role you want your new role to be Based On (this could be a 'default role' or a previously configured role).
      4. Enter a Role Name.

      Note:

      • It is recommended to use the base role name as a prefix for your new role name to keep your system organised, e.g. Restricted HR Professional Custom 1.
      5. (Optional) Enter a Description for your role.
      6. Click Save.

      2. Check Notifications

      Navigate to: Administration >> Security Roles >> Security Role Settings >> Notifications Tab.

      When you create a new role, users assigned to the role could be eligible to receive any active notifications (subject to the usual recipient settings). If the intention is that users in this role should not have access to a particular functional area (e.g. Compensation), then you may want to disable the notifications that relate to this area for the custom role. You also need to consider custom roles whenever you activate a new notification.

      • To configure the notifications that the role will receive, click the ON or OFF button.
      2. Check Notifications

      3. Edit Security Configuration

      Navigate to: Administration >> Security Roles.

      1. Select the new Security Role from the search results.
      3. Edit Security Configuration
      2. Select Security Role Permissions from the left hand menu.
      Security Role Settings - Restricted HR Professional Custom 1 - Cezanne OnDemand - Opera
      3. Look through the tabs and consider which you want to turn ON / OFF (see screenshot below).

      4. Check Document Category and Attachment Category Permissions

      Navigate to: Administration >> Security Settings >> Document Categories.

      When you create a new role, it will automatically inherit the same document and attachment category permissions that have been configured for the role it is based on. Therefore check and if required update the new role's Document Categories and Attachment Categories permissions. For example:

      4. Check Document Category and Attachment Category Permissions

      5. Notes on Security Roles and Permissions  

      • Think carefully before creating a new role with an HR Professional Security Role Type as they have the permissions to turn screen availability, notifications and document categories back on.
      • Copying a Restricted HR Professional role will not copy any Security Policy information, this is specific to users and not roles.
      • If you activate a notification at a later date and make it available for a recipient (e.g. Supervisor), all users in custom roles could potentially receive this notification. You are able to turn the notification off for one or more custom roles using the Notifications tab on the Manage Security Role screen.
      • Setting up a new security role Based On an existing role will mean the new role will have the same permissions as the based on role by default.