For this article, we will be going over two modules at the same time, as they are simple and very similar in operation. The User Roles Maintenance and User Account Maintenance modules are where you will set the permissions for user groups and individuals through the Auction Master system. This can be set as simply or elaborately as you prefer. However, we recommend investing more time into organizing and configuring your auction's roles to save time down the road. It is far more of a hassle to add and edit users on a constant and individual basis than to merely assign a role that has already been configured.
User Role Maintenance
First, we will visit the User Roles Maintenance module. This module is located under the Administration section of modules and requires administrative privileges to access. Each role is assigned permissions and privileges that new users assigned to those roles will inherit. If a role is not configured properly, the user will receive an error message upon logging in as they will not have access to modules or reports unless granted within these two modules.
All user and roles require the Core, Organization, and Service permissions granted alongside the desired reports and modules.
For this solution, we will be creating a simple role for security guards at an auction site where inventory is gatepassed traditionally. For this role, we want the Security Guard occupying the gatehouse or guard shack to only have the ability to gatepass vehicles.
This means, the only module we want the users within this role to have access to, is the Enter/Clear gatepass module.
First, click New Role. Then, enter the name of the role you wish to create. We will use "Security" for this example. Then click save. The new role will appear in the list of roles.
Select the "Security" role we just created, and click "Edit Permissions" on the following screen.
The Edit Roles Permissions window will pop up, allowing you to select the user's privileges. As noted in the solution, all users need the Core, Organization, and Service permissions, along with the specific module permissions you wish to grant. To navigate this menu easier, you can select the "-" to the left of each category to collapse its contents and expand those which you need as you need them.
Under Modules, we want to select the GatePassEntry module and grant this role with access to that module.
Now, we need to set up a User Account and apply this role to test the role and user's permissions.
User Account Maintenance
The User Account Maintenance module will allow you to create, delete, or edit user accounts. If Roles have already been configured for a user, you will merely be required to assign the configured role to the user.
To create a new user, click "New User" and enter the required information on the pop up window
These permission settings will overwrite Role Permissions if set to an individual's account. For example, if you have a security guard running the entrance of the auction with access only to the "Enter/Clear Gatepass" module due to his inclusion of the "Security" role, and you would like that guard, but only that guard, to have access to the "Maintain Auction Inventory" module, you can either set an additional Role to assign that user, or edit that user's permission, granting the additional permission. Again, permissions granted or revoked to a user's account will supersede the permissions inherited from their assigned role.
To test the user's account and privileges, log out of your active account and log in as the user you have just created and configured. If the modules and reports that appear are the ones you intended for them, you have successfully created a role and user with that role's permissions.
Deleting Roles and Permissions
To avoid accidental deletion of user accounts and roles, user accounts must first have their permissions and roles cleared before they can be deleted. Similarly, roles act in the same manner. To delete a role, you must first clear all granted permissions and save the role before it can be deleted.
When deleting roles and accounts, the auto-incremented IDs that are assigned will not reset. This is because the system will retain that information in the background, just in case a role or account was deleted accidentally. The system will protect itself so no sensitive data is lost.