The Role administration maintenance document is used to create a new KIM role and edit an existing role. Each role aggregates a specific set of permissions and responsibilities and allows you to assign members to the role. KC contains many existing roles that your institution may want to use as-is, but you may also change existing roles and add new ones by using the Role document. The document enables creation and updating of reference table records of roles users can have for the completion of various electronic documents in the system, such as proposal preparation.
The purpose of each role is defined by its associated permissions and responsibilities. Roles are classified by types that generally indicate the type of permissions and responsibilities with which they can be associated.
establish and maintain numeric codes and textual description values which are stored in database tables. This data serves as reference information that is made available for display and selection in various areas of the system, including other e-docs.
|
The process of create a new type requires technical assistance. Consequently, KIM does not provide an interface for creating role types. |
Figure 1469 Role Administration Maintenance Document Section Layout
The Overview section of the Role administration maintenance document is a unique section that allows you to identifies the role with a unique system-assigned ID number, a namespace and a name. Each role also has a type which tends to match the types of permissions and responsibilities associated with it.
Figure 1470 Role Administration Maintenance Document > Overview Section Example
Table 911 Role Administration Maintenance Document – Overview Section Field Descriptions
Field |
Description |
Role |
Automatically generated numeric value that uniquely identifies the role in the system. |
Namespace |
Select an option from the list (for example, ‘KC-AB – Award Budget’).
Use the drop-down |
Active |
Click within the checkbox |
Type Name |
Display-only. The familiar textual name of the Role Type the role is to be associated with. |
Role Name |
Enter the name of the role as it is commonly referred
to. Click within the text box (or press the tab |
Role Description |
Enter a description of the role (may be the same
content as the Role Name field). Click within the text box
(or press the tab |
The Permissions section of the Role administration maintenance document is a unique section that allows you to identify the permissions associated with this role. Permissions authorize specific actions in the system with which they are associated. A role can have any number of permissions (including no permissions) associated with it.
|
Permissions cannot be edited via the Role document. Use the Permission document to perform this function. |
Figure 1471 Role Administration Maintenance Document – Permissions Section Example
After you add a permission to the document, the system displays additional information about the permission.
Table 912 Role Administration Maintenance Document – Permissions Section Field Descriptions
Field |
Description |
Add Permission ID |
Click the lookup |
Add |
Click the add button to add the selection you made in the Add Permission ID field to the table below as a numbered line item. |
Permission Namespace |
Display-only, based on selection made in the Add Permission ID field. The Namespace identifies the application and module associated with this permission. |
Permission Identifier |
Display-only, based on selection made in the Add Permission ID field. The unique system-assigned ID number for this permission. |
Permission Name |
Display-only, based on selection made in the Add Permission ID field. The descriptive name of this permission. This often identifies, in general terms, what the permission authorizes. |
Permission Detail Values |
Display-only, based on selection made in the Add Permission ID field. The document types, tabs and/or fields this permission authorizes. Not all permissions have detail values. |
Active Indicator |
Indicator showing whether this permission is active
within the system or not. Click within the checkbox |
Actions |
Click the delete
|
The Responsibilities section of the Role administration maintenance document is a unique section that allows you to specify the responsibilities associated with this role. Responsibilities define the workflow actions that will be requested of the role. A role can have any number of responsibilities (including none) associated with it.
Figure 1472 Role Administration Maintenance Document – Responsibilities Section Example
After you add a responsibility to the document, the system displays additional information about the responsibility.
|
Responsibilities cannot generally be edited via the Role document, but some responsibilities have associated attributes that you must define at the role level. For information about editing responsibilities, see “Responsibility” on page Error! Bookmark not defined.. |
Responsibility Action Subsection: When adding a responsibility with an Action Detail Values at Role Member Level value of 'False,' you must complete additional fields in a Responsibility Action subsection. The system displays this section immediately beneath the responsibility you've just added. The fields in this subsection define the type of action requests generated for and the general workflow behavior associated with this responsibility. Entries in these fields cause the system to generate the same type of action requests for all members of this role and handle actions by all members in the same way.
Table 913 Role Administration Maintenance Document – Responsibilities Section Field Descriptions
Field |
Description |
Add Responsibility ID |
To add a responsibility to this role, click the
lookup |
Add |
Click the add button to add the selected responsibility to this Role document to the table below as a numbered line item. |
Responsibility Namespace |
Display-only, based on selection made in the Add Responsibility ID field. The Namespace identifies the application and module associated with this responsibility. |
Responsibility Identifier |
Display-only, based on selection made in the Add Responsibility ID field. The unique system-assigned ID number identifying this responsibility. |
Responsibility Name |
Display-only, based on selection made in the Add Responsibility ID field. The descriptive name of this responsibility. For most Responsibilities the name is 'Review. |
Responsibility Detail Values |
Display-only, based on selection made in the Add Responsibility ID field. This identifies more specific information about the responsibility. Responsibility Detail Values are formatted in a standard way with the following attributes delimited by commas: • Route Node: The workflow route level at which this responsibility is invoked. • Document Type: The document type for which this responsibility generates workflow requests. • Action Details at Role Member Level: A True or False indicator that defines where the details of this workflow action request are defined. If the value is 'True' then action details will be collected when Members are assigned to the role. If the value is 'False' then the action details must be collected when this responsibility is assigned to a role (see Assigning Action Detail Values elsewhere in this section.) • Required: Indicates if the routing represented by this responsibility should be required. If this is set to True and the responsibility fails to generate an action request (perhaps because no one is assigned to the associated Role) then the document will go into Exception status. If this routing is optional this value will be False and the document will simply skip this responsibility if no requests are generated. |
Active Indicator |
Indicator showing whether this responsibility is active within the system or not. Select to make active, uncheck to deactivate. |
Actions |
Click the delete
|
Responsibility Action | |
Name |
All is displayed by default. The namespace and name of the responsibility associated with these action details. |
Action Type Code |
Select one of the following options from the
list: APPROVE, ACKNOWLEDGE, or FYI. The type of action request
that the system is to generate for this responsibility. Use the
drop-down |
Priority Number |
Enter a numeric value to specify the order of priority. If multiple requests are generated at the route node specified on this responsibility, this value determines in the order in which the system will generate these requests. The system processes requests with lower priority numbers before processing requests with higher numbers. Requests with no number are treated as a priority of 1. |
Action Policy Code |
Select one of the following options from the list: FIRST or ALL. This value determines what happens if multiple members of this role receive the same action request and one of them takes the action. This currently only applies in situations where a single action request is generated to multiple role members (i.e. the action details exist at the role level) or a role is assigned to another role and these nested role members receive an action request. For example, if a role with a responsibility with action details defined at the role level, has three members assigned, all of these members receive the action request defined here; this code determines what the system does when one of them takes action on the document. • FIRST indicates that the first role member to take action on the document will automatically clear all the requests for this responsibility that may be in other role member's action lists. • ALL indicates that each role member must take individual action to clear his or her requests. |
Force Action |
Check the box to indicate that each user must take this
action for this request even if the user has already previously taken
action on this document. Leaving the box unchecked allows a request to be
immediately fulfilled if the role member has previously taken action on
this specific document. Click within the checkbox |
The Assignees section of the Role administration maintenance document is a unique section that allows you to specify and maintain the all members who belong to this role. You may also use the tab to add new members and edit the values associated with existing members.
|
When assigning roles to other roles (nesting roles), qualifying values are not required. Some roles in the KC base data contain special logic to derive the required qualifiers from the nested role itself without qualifiers being specified. You may always specify qualifying values for a nested role and should do so unless you know the role being assigned contains logic to derive the qualifiers from the nested role. Roles without the proper qualifiers can cause problems throughout your KC instance. Please consult with a KC technical resource if you are unsure of whether or not to provide qualifying values when assigning a role to another role. |
Figure 1473 Role Administration Maintenance Document – Assignees Section Example
Table 914 Role Administration Maintenance Document – Assignees Section Field Descriptions
Column |
Description |
Type Code |
Role members can be principals (as defined on the
Person document), groups or other roles. Select the type of member you
want to add to this Role. Select one of the following options from
the list: Principal, Group,
or Role. Use
the drop-down |
Member Identifier |
Click the lookup |
Namespace Cd |
Automatically populated based on your selection in the Member Identifier field. Identifies the namespace code associated with this role member. Note that only groups and roles will display a namespace code. |
Name |
Automatically populated based on your selection in the Member Identifier field. Identifies the name of the member being assigned to this role. |
FullName |
Automatically populated based on your selection in the Member Identifier field. |
Active from Dt |
Allows you to qualify this member's association with
this role by date. Entering a from date will define the earliest date on
which this member is a valid member of this role. Click the calendar |
Active to Dt |
Allows you to deactivate a member's association with a role on a specific date. The date you enter defines the date the user is no longer a member of this role.
Click the calendar |
Unit Number |
Click the lookup |
Descends Hierarchy |
Click within the checkbox |
Actions |
Click the inactivate
|
The Delegations section of the Role administration maintenance document allows you to identify delegates associated with the role. Delegates are users that a member of this role has authorized to have the same permissions and take the same actions the member is authorized to take.
|
If the members of a role require qualifying values, the delegation requires these values as well. In most cases, delegates must have the same qualifiers as the role member they are associated with. |
Figure 1474 Role Administration Maintenance Document – Delegations Section Example
Table 915 Role Administration Maintenance Document – Delegations Section Field Descriptions
Column |
Description |
Role Member |
Click the lookup |
Member Type Code |
Delegates may be principals (as defined on the Person
document), groups or other roles. Select the type of delegate you want to
add to this role. Use the drop-down |
Member Identifier |
Click the lookup |
Member Namespace Code |
Display-only based on Member Identifier field selection. Identifies the namespace associated with the selected delegate. Note that only delegations to groups or roles will display a member namespace code. |
Member Name |
Shows the name of the selected delegate. Click
the lookup |
Active From Date |
If you want you can qualify this delegate's association
with this role by date. Entering a from date will define the earliest date
on which this delegate is a valid delegate for this role. Click the
calendar |
Active To Date |
Allows you to deactivate a delegate's association with
a role on a specific date. The date you enter defines the date on which
the user is no longer a delegate for this role. Click the calendar |
Unit Number |
Click the lookup |
Descends Hierarchy |
Click within the checkbox |
Delegation Type Code |
This selection only applies to responsibilities
associated with the role and indicates if the delegate will receive
documents directly in their action list (Primary) or may choose to view
documents in their action list using the secondary delegate dropdown
(Secondary). Select either Primary or Secondary from the list.
Use the drop-down |
Actions |
Click the inactivate
|
Figure 1475 Role Administration Maintenance Document Example Values
This maintenance document includes the following features that are common to most KC maintenance documents:
Table 916 Links to Common Maintenance Document Component Instructions
Common Maintenance E-Doc Component |
Cross-Reference Links To Usage Instructions |
Document Header |
|
Document Overview Section |
|
Notes and Attachments Section |
|
Ad Hoc Recipients Section |
|
Route Log Section |
|
Action Buttons |
|
|
For information about searching for, initiating, editing, copying, submitting, saving, closing, canceling, and/or routing a maintenance document, see “Common Maintenance E-Doc Operations” in the Overview section. |