Allow users to assign users to roles in the role view | | User that configures roles is the person who assigns permissions to user |
Create granular permissions for view, edit, create and deletion of roles | | Multiple Admins create roles and assign permissions to staff. Staff may or may not be assigning and unassigning users. Student perms change so often they try to distribute the responsibility |
| 1 Admin configures roles and generally assign staff to roles. Staff that manage the student works will actually assign permissions to their student workers |
Users are only able to manage Roles for the tenants they are affiliated with |
| Cohort of administrators configure roles and policies for users that operate in all areas of the system. |
Display roles and capabilities on user records by affiliation | | User needs to see the granular perms of a specific user on the user record for troubleshooting. |
Require specific user permissions to be able to view the Roles accordion on a user record | | Generally a security vulnerability to display user permissions to anyone who can see staff users (User could target other users based on their permissions linger at their workstation etc.) |
Allow admin user to compare the Roles and capabilities of one user to any other user in the system which they have permission to manage | | When identifying why user 1 can not do what user 2 can do we compare the users specific permissions or roles. |
Allow admin to compare the capabilities of one role to another role | | When new permissions are added functional roles are updated. Admins then compare roles to verify all necessary functions are included in each role |