- UO_END_USER_EDIT role
- Calendars
- Message Templates
- Notifications
- Reports
- UO_END_USER_NON_EDIT role
- Applications
- Calendars
- Chains
- Explorer
- Logins
- Message Templates
- Modules
- Notifications
- Reports
- Requests
- LOGIN_[end_user] role (where end_user is your AppWorx UserID)
- Calendars
- Explorer
- Message Templates
- Notifications
- Reports
AppWorx Security/Priviliges Guide
Introduction
This document will serve as a guide for the AppWorx Security and Privileges plan within the framework of the University of Oregon's business model. This document is a paraphrase of the AppWorx Administration Guide, Development Guide and Operations guide. Refer to the AppWorx online documentation for further definition of terms and more detailed information. We will continue to keep this document up to date as we become more familiar with AppWorx.
AppWorx Roles
Access to AppWorx windows and objects are given using roles. Think of roles as containers to which objects and users are added. Users have access to all objects with which they share a container. Users and other AppWorx objects can be placed in more than one container. Access can further be restricted by designating Edit authorization to some roles and not to others. The number of objects and users that can be assigned to a role is basically unlimited. Objects and users can be assigned to more than one role. Users have access to all the objects in all the roles to which they are assigned.
Who is assigned AppWorx Roles?
AppWorx roles are similar to those roles set within Banner. However, AppWorx roles are not as granular and need careful planning when they are created. For instance we don't want to assign an edit role to a group of AppWorx users that would allow any one of those users to change something that didn't belong to them.
All role assignments for modules will be made within the Administrative Services group at Information Services. These roles will be assigned to the AppWorx user(s) based on the department the user belongs and their job function.
End User Roles
End users will be allowed to request modules, chains or other objects that they need to perform their job function. Each end user will need at least three roles;
This role gives privileges to the end user to allow creation of AppWorx objects where needed. For instance, end users should be allowed to create calendars for their modules, change their Oracle login, create ad hoc reports, build notifications and create messages. The edit role has the following role authorities (able to view and edit AppWorx windows) assigned to it.
In addition to this roles, there is a role called BANNER_CHAIN_EDIT. Users who are assigned this role will be allowed to create chains within the Application that they have been assigned. See Applications below.
This role will allow end users to view windows within AppWorx, but not edit any of the objects within. This role is assigned to all end users. The following role authorities (View only screens) are assigned to this role.
This role allows the end user to change his or her own Oracle database login password.
When an AppWorx end user logs in to AppWorx, their default security privileges are outlined in the table below.
| Operations Menu | Edit | View |
| Explorer | No | Yes |
| Backlog Gannt View | No | Yes |
| Graphical Forecast | No | Yes |
| Forecast | No | Yes |
| Dashboard | No | Yes |
| Requests | No | Yes |
| Object Admin Menu | Edit | View |
| Calendars | Yes (Create) | Yes |
| Applications | No | Yes |
| Chains | No (unless) Chain Edit | Yes |
| Message Templates | Yes (Create) | Yes |
| Modules | No | Yes |
| Notifications | Yes (Create) | Yes |
| Reports | Yes (Create) | Yes |
| Logins | Yes | Yes |
The Options and View Menu are available for setting personal preferences.
AppWorx Security Officer Roles
A UO_SECURITY_OFFICER_EDIT role has been created for AppWorx security officers. This role is basically the same as the UO_END_USER_EDIT role except that the security officer for each department will have access the capability of editing jobs in the backlog. Note that the only jobs the security officer will have access to are those that belong to the Application to which they are assigned.
We may create other roles as needed and as we move forward.
Applications
All banner jobs that are defined within GUAPCTL will be moved to AppWorx. The jobs will live within what AppWorx calls Applications. Applications can be thought of as modules within Banner or some other container for like objects. For example, there will be an Application called Banner Finance. All Finance GUAPCTL jobs will be moved to the Banner Finance Application within AppWorx.
