Roles are simply groups of permissions created on the Admin site. You can think of them as templates for granting block access to data and services in a predictable and repeatable way. New SLIM-Collaborate sites come with a built-in set of default roles that can be used “as is” or customized to meet your security requirements and organizational structure.
To illustrate how different roles affect the data users will see and the features they can use in SLIM-Collaborate, let’s look at two roles at opposite ends of the access spectrum: The Admin role and the Stakeholder role. As you can see from the matrix below, the Admin role grants full access to the Back Office, Closeout, and Estimation services.
It also grants two function-related sets of permissions: Manage Site (this grants access to the Admin site, which is used to configure site wide settings) and Manage Projects (used to create new projects, delete projects from the portfolio, and be added as the person Primarily Responsible for individual projects). The Admin role is the closest thing to becoming a supreme SLIM-Collaborate deity as one can imagine. In addition to being able to access the Admin site, users with the Admin role can see all data – regardless of project level access settings – and do everything it is possible to do on the main Collaborate site.
At the opposite end of the power spectrum is the Stakeholder role. Stakeholders have view-only access to projects in the Estimation and Closeout services. Stakeholders can see project data and settings but can’t change them. In fact, they can’t even view the Edit dialogs for estimation and closeout projects (the project dashboard’s overview, summary, assumptions, and size details reports are provided for this purpose). But merely having service-level permissions doesn’t mean they can view all projects in the Estimation or Closeout stages! You can think of the service-level permissions as a prerequisite to being granted access to individual projects. That step occurs at the individual project level, where access to the project is controlled using the Access tab of the Edit Project dialog.
To illustrate with another example, let’s say there are 20 Estimation projects in the SLIM-Collaborate portfolio, but our Stakeholder has been granted access to only two of them. She also has View access to the Closeout service, but none of the projects in this stage have granted our fictional Stakeholder access.
Her project list will include only the two Estimation projects to which she has been granted specific access. The other Estimation projects will not be displayed in her Project List when she logs into SLIM-Collaborate, and she will not be able to see projects in the Closeout stage at all.