There are four predefined security roles within Kepion. These roles allow you to quickly assign the appropriate permissions and actions to the users in an environment.
- System Administrator
- Model Designer
- Advanced Contributor
System Administrators are added through the System module, while the rest of the roles are scoped by the application. You can manage them within Administrator > User & Group > Membership. Below is a summary of which modules each role can access.
Tip: To learn more about customized roles, please refer to the Administrator Overview article.
The highest privileged role is the System Administrator, which has unlimited access to all aspects of the system. System Administrators can create new applications and access all pages. System Administrators also have the ability to impersonate any user in the system.
You can add additional System Administrators through the Administrator tab in the System module.
In the event that no System Administrators exist within Kepion, you can assign one directly through the database. The relevant table is selected below:
The Administrator role has the privilege to manage both user security and workflow. For data security, this role can grant user access to Models and Dimension Members. For workflow, this role manages workflow configurations such as assigning users as Contributors, Approvers, and Reviewers; Form and Rule associations; and workflow filter groups. Administrators can also lock down plans to prevent additional data changes in the application.
The Model Designer role has the privilege to manage the core modeling aspects of an application, including the ability to create new Dimensions, Hierarchies, and Models. The Model Designer role is also allowed to manage Forms, Rules, and Model variables, as well as deploying the application.
The Advanced Contributor role has the privilege to use advanced features, such as transactional drill-through.