It can be difficult to know what is needed for a given Security Role to be created with the desired outcome
There is limited documentation about what each out of the box role does.
Permissions and Privileges can be difficult to understand
This document is intended to provide information that will help make the permissions and privileges existing roles have more transparent. Making it possible to better understand what is needed for specific scenarios.
The following sections are provided to help here.
Matrix that shows all permissions and privileges assigned to out of the box roles
Script that can be run in SQL or as a report that will create a matrix that includes Custom Roles
Links to Security Role related KB's that can help provide a better understanding of the SMP Security
Links to KB's that cover common scenarios
Matrix for Permissions and Privileges
The attached file "Privileges and Permissions per role.xlsx" contains the following:
Privileges - Shows All Security Roles and the Privileges assigned to them. Grouped by the Display group they are displayed in
Folder Permissions - Shows All Folders grouped by the folder path, where any permissions are specifically assigned. It does not show inherited permissions
Item Permissions - Shows Items that have security applied specifically to them by role, grouped by the path to the Item.
Permission list - List of all possible permissions, with a description and the associated guid
Privilege list - List of all possible Privileges, with a description and the associated guid
NOTE: There are filters at the top of each column that make it possible to limit the results to more usable amounts of data.
The following screenshot shows how easy it is to see the Management Privileges assigned to each role.
Script to create the Matrix
The attached "Security Matrix builder for Permissions and Privileges.sql" file has four sections, to see similar data for a different version or to include custom roles in the matrix
Get matrix for Privilege role comparison
Get matrix for Permission role comparison of Folders or Items
Get Permission list
Get Privilege list
Security Role information KB's
HOWTO85053 - Common references on Security Roles and Permissions
TECH208999 - ITMS 7.x - Removing inheritance from a specific item removes it from all security roles