User Roles and Privileges (Role Based Access Control – RBAC)

What is RBAC?

Role-Based Access Control (RBAC) is the way in which SELMA allows you to regulate access to sections/data within the system. With RBAC, permissions are assigned to roles, and then users are assigned to those roles.

To access the RBAC interface in SELMA click on Settings -> Roles and Permissions.

Defining or Editing a Role’s Name and Description

1. Role Name:
   • The field labelled “Name” allows you to define or update the name of the role (e.g., “Admin”).
2. Role Description:
   • The “Description” field is used to add or modify a brief explanation of the role’s purpose or scope.

Managing Permissions for the Role

1. Permission Categories:
   • Permissions are grouped by categories (e.g., “account,” “campus,” “class”) for easy navigation.
2. Actions:
   • Each category has specific actions such as:
     • Edit: Modify details of the category (e.g., “Edit the Account”).
     • View: Access information (e.g., “View the Account”).
     • Create/Delete: Add or remove entities (e.g., “Campus Create,” “Campus Delete”).
3. Selecting Permissions:
   • You can enable or disable specific permissions for the role by ticking or unticking the checkboxes next to each action.
4. Indicators:
   • Icons indicate the implications of permissions:
     • Destructive (Red): Permissions that allow potentially harmful actions, like deleting data.
     • Spam (Yellow): Permissions that could involve spam-like behaviour.
     • Privacy (Blue): Permissions granting access to private or sensitive data.

The indicators help you understand what level of actions a role is able to perform. You can find a brief explanation of each icon in the top-right corner of the editing screen.

Icons indicated next to each role:

Tick the boxes you wish to add to the role and click “Save” to confirm changes to the role’s name, description, or permissions.