Security roles allow you to custom-craft specific permissions for the users loaded into your CloudRadial tenant. Permissions affect the overall visibility and general functionality of each and every feature within your portal.
To customize these security roles, navigate to your Partner > Security tab from the left-hand feature set. Roles will be the first of three tabs at the top of this area.
Topics covered in this article:
- System Default Roles
- Creating Security Roles
- Deleting Security Roles
- Getting More Information from Security Roles
- Converting Existing Users to New Security Roles
- Type Mapping Security Roles
System Default Roles
There are four system default roles that cannot be deleted or modified, as they are foundational to CloudRadial operations. These are denoted as System Roles.
The four default roles are:
- Owner - the highest tier. Has full access to add, edit, and delete everything in the portal, including within the Partner area.
- Company Reporting - a role used to give read-only access to everything except the Partner tab. Commonly used for points of contact and other upper-tier users within a client company.
- User - the lowest tier. Has limited access to view everything in Home, Company, Support, and University. Commonly used for most users in the portal that don't need to see reporting.
- Impersonation - a custom role used by Partner-level admin users as they impersonate generic admins to manage specific clients. Has access to everything in full except the Partner tab.
Creating Security Roles
To create a new role, use the +Add button at the top right of the Roles section.
You will see the following blade panel with several options, broken down below:
1. Role Name
The name of the security role. This role name will be visible throughout several areas of the portal, such as when assigning a permission role to a user and on a column on the Usage > Users area.
2. User Groups
Gives you the option to bulk add users with the given company role to one or multiple user groups. This is to streamline the process of adding users to the user groups for content distribution purposes.
3. Visible Tickets
Gives the option for users with the given role to see either only their own (Personal), their specific site (Site), or all company (Company) tickets.
4. Ticket Status Overrides
For the specific user role, limit the visibility of tickets to tickets with only the specific statuses that you enter into this field. If left blank, it will take your default system settings established via Partner > Settings > PSA.
5. Module Permissions
Choose granular permissions for each and every feature in CloudRadial for the given security role. The rights are as follows:
- No Access- No rights to this module. The module won't appear in the sidebar.
- Read Only - View only rights to the content within the module.
- Personal - Ability to add content and then edit or delete content the specific user has created. Content created by the users with this permission will be visible to all users within that client company.
- Company - Ability to add or edit any company-level content.
- Partner - Ability to add or edit any content, including content that is Partner-managed.
As you create additional roles, you can also expedite the process by using the Save As function to copy a role and modify it from there, rather than rebuilding it from scratch.
Deleting Security Roles
Deleting security roles can be accomplished by first selecting the role via Partner > Security and then selecting the individual role. You will see the red trashcan icon at the top of the role blade.
Note that you will be able to delete roles with users still assigned to that role, and those users will be reverted to the base-level User roles.
You can find if users are assigned to that role by selecting the specific role and using the Assigned Users role. You must first manually remove these assigned users from that role in their respective companies before you can delete the role for good.
Getting More Information from Security Roles
Selecting any individual security role will let you see the following details of that role at a glance:
- Settings - the user group(s) assignment and ticket status/board modifications of that role.
- Permissions - the table of specific permissions for that role.
- Assigned Users - the exact list of users with that permission assigned to them.
Converting Existing Users to New Security Roles
CloudRadial partners that have purchased and customized CloudRadial prior to the February 21st, 2022 update will find any customized roles (formerly Limited Admin Access) mapped over to a role.
Note the following:
- Ticket restrictions for personal, site, and company tickets are now at the role level.
The number of roles allowed is dependent upon the version of CloudRadial - 10 is the standard for Starter and Professional plans. If you find yourself with more than 10 roles, it will be due to CloudRadial mapping any custom role you have created in bulk.
- You will not be able to add additional roles unless you are on the Enterprise plan.
Attempting to add new roles will result in the following message:
- You can still edit your roles, even if you've exceeded your limit of 10.
Selecting a given role will still allow you to make changes as necessary if you need to modify permissions of any kind.
Type Mapping Security Roles
To expedite the process of assigning your custom roles to your CloudRadial users, you can always use the Type Mapping functionality.
This takes the user types from your PSA tools and "maps" them over to CloudRadial, allowing you to take your existing PSA infrastructure as a basis for which users should have what permissions.
For specific information on type mappings and how to set them up, please see this article.