User roles

In Opus 2 Platform, a user role is a collection of capabilities that have been turned on or off and then clustered into a named role. This means any user role may appear different and be named differently on separate instances of the application. For that reason this overview provides a detailed description of each capability that may be included in the configuration of a complete role, rather than a description of any specific roles.

A user role can be configured and allocated both on a system-wide basis and for specific projects, but the two types of role have some differences.

System wide roles

A system-wide role applies to individual users only. Roles may be allocated in bulk to multiple users, but not to Teams. Anything a user is able to access or do on the global instance is determined by the capabilities defined in this role. All users need to have a role allocated at the system level.

Project specific roles

Individual projects may have specific user roles configured for them. These roles apply to that project only. A project role can only be allocated to a user Group, not to an individual user. If a user is added to a project Group with a specific project role this will determine what they are able to do in that particular project, irrespective of their system role. Project roles supersede system roles.

A project user that has not been allocated to a project group will retain the capabilities defined by their system role.

Templates, like projects, may have specific user roles configured for them. If this is the case, any project created from that template will have the group, but it will not have any associated users with it. These need to be added to the group for each new project.

Configuring a user role

To create a user role in Opus 2 Platform an operator or systems administrator needs to configure a combination of various capabilities. A 'role' is essentially a list of capabilities.

Each instance of Opus 2 Platform will come with a number of pre-configured roles, but it is possible to create new roles by combining a set of capabilities to suit a specific user purpose.

List of capabilities

The following tables provide a description of each capability in relation to which action it enables or gives access to when included in a role. The capabilities are conceptually divided into different functional areas of Opus 2 Platform, but this does not affect how they may be combined.

Certain capabilities are dependent on other capabilities. Where this is the case, the required capability is listed in the description.