A System Role is a collection of powers and permissions given to a User.
NOTE: This page is referring to System Roles, not Team Roles. Team Roles have their own set of permissions specific to individual Items.
What is a System Role?
System Roles work in conjunction with User Types and Network Locations to determine an individual's access within the system. Most KaiNexus users will have at least one System Role, though a User can be assigned as many System Roles as appropriate.
System Roles can determine a User's:
- Default notification settings
- Default Board, access to Boards, subscriptions to Boards
- Ability to create, view, edit, assign, or participate in certain Items
- Ability to approve Milestones
- Administrative permissions and responsibilities within KaiNexus
PRO TIP: If a User has multiple System Roles, their default notification settings will be the superset of the associated permissions and notification preferences of all those System Roles. These settings can be customized for individual Users.
What permissions can System Roles grant?
A System Role Permissions are divided into three categories:
Template and Workflow Permissions
Template and Workflow Permissions are a collection of abilities granted for specific Templates and Workflows. These Permissions give Users the ability to see and work with Items in which they may not be on the Team.
When building Template and Workflow Permissions for a System Role, you must first decide which Templates and Workflows the set of abilities should apply to.
- If you select a Workflow, the Permissions will apply to all Templates within that Workflow.
- If you select a Template, the Permissions will apply to only Items created from that Template. Building out Permissions on the Template level is a way to be very granular while designing System Roles.
All Template and Workflow Permissions except for "Participate" also specify where in the Network the Permission is valid. For example, a User might have Edit Permission for Improvements, but that doesn't necessarily mean they can Edit all Improvements in the system. The scope of their Permission depends on to which Locations their Permission is applied.
The Network Locations options are:
- Everywhere: The Permission is applied to all Items within the specified Template or Workflow, regardless of what Network Location the Item has.
- Location and Below: The Permission is applied to all Items within the specified Template or Workflow that are in the User's Network Location and the Network Locations nested beneath it.
- Only Location: The Permission is applied to only Items within the specified Template or Workflow that are in the User's Network Location.
- Only User's: The Permission is applied to only Items within the specified Template or Workflow in which the User is also on the Item Team.
Pro Tip: Learn about each Template and Workflow Permission in more detail by visiting this article.
Advanced System Role Permissions are not tied to any Template, Workflow, or Location. They are stand-alone Permissions that grant access to different Sections of KaiNexus.
Using Advanced System Role Permissions, you can:
- Grant Users access the Items, People, and Reports section
- Give Users the ability to create Boards
- Give Users visibility into Impact and Report data
Pro Tip: Learn about each Advanced Permission in more detail by visiting this article.
Admin Permissions are typically given to administrators or improvement leaders who need a greater level of access in KaiNexus.
Using Admin System Role Permissions, you can:
- Give Users widespread access to edit Board and Cards
- Give Users the ability to edit User Profiles and create new Users
- Give Users the ability to manage Attribute Values, Weighted Scores, and Locations.
- And much more!
Pro Tip: Learn about each Admin Permission in more detail by visiting this article.
Next in Series
Now that you have a general understanding of System Roles, we recommend preceding to the next article in this series about each Template and Workflow Permission that can be granted in a System Role.
- Create a System Role
- System Role Notifications
- What is a Team?
- View where System Roles are being referenced in the System