Documentation
Start typing to search…

Permissions

The set of actions enabled by the role

Permission Example

  • The default view is showing only the permissions granted to that role.
  • Uncheck the "Show granted permissions" box to view all available permissions.
  • Hover over the ℹ️ on each category, to learn the content of that category.

The permission Hierarchy

  • List - Viewing lists of relevant entities.
  • View - Viewing the inner content of an entity, as in clicking on it.
  • Edit - The ability to update an entity.
  • Create - Represents both Create and Delete, the ability to create a new entity or delete existing ones.

📘

The Permission table symbols

  • When you see the green check mark, the permission was granted because a sub-role provides it.
    • To remove this permission, you have to remove the relevant sub-role. Note, there could be several roles granting the same permission.
    • Hover over the checkmark to see the list of roles granting it.
  • The on/off switch allows you to grant the permission directly in the role your currently editing.
  • Shared items - Dashboards, Alerts, Budgets or Business Mappings that were specifically shared with this role or sub-roles.

Shared Entities

Some Umbrella Cost entities are relevant for sharing - Dashboards, Reports, Alerts, Budgets. This allows you to create such entities with your role, and allow others to view them using their roles.

  • You can share such entities with roles that are in your role list.
  • You can allow sharing for viewing and/or editing

📘

Last updater is the owner

The user that edited and saved the entity last - is becoming the owner. The role(s) assigned to that user are the roles used to scope the data managed by that entity.

  • When the last updater has full access - Such a report will run on the entire organization data.
  • When the last updater has limited access - The report will be saved with limited access.

Run As - Offline Entities

Some Umbrella Cost entities run in the background, we call them offline entities You can set the user to use when running in the background, for alerting purposes, budget analysis and more.

Learn more about Shared entities and offline entities here

Impersonate

You can allow users to impersonate other users.

This allows them to work on behalf of other users, allowing them to view the data and create entities on their behalf.

Impersonation should be deployed and used sparingly.

Updated about 13 hours ago