Navigating the User Roles Details Page

Aspen contains many default user security roles with predefined privileges that cover most user functions in a district.

In the District view, navigate to the Admin tab, Security side-tab to view default roles and any other roles you may have created. In the details of a role, on the General sub-tab, is where you define logon preferences and available views.

security Roles Details page

In the Security Access section of the page, the Category column displays all categories from the Data Dictionary. To filter the table list to tables in a specific category, use the Category drop-down to select one. The System Table column displays Data Dictionary tables within that category.

For example, for the Grades category, Data Dictionary tables such as Grade Scale, Grade Term, and Transcript Definition appear.

Use the Navigation sub-tab to define accessible tabs and sub-tabs.

Notes:

To make changes to a default role and adjust security access, it is suggested to copy the default role, then edit it before creating new roles.

View predefined privileges for the default user roles:
- Default user roles A-P (Alignment Specialist through Principal)
- Default user roles R-Z (Registrar through System Administrator)

Privileges

Following is an explanation of the different types of privileges and what each allows a user to see and do.

Privilege	Users with this role can...
C = Create	Create new records in this Data Dictionary table. This privilege determines if the Add option appears on the Options menu.
R = Read	View information in this Data Dictionary table. This privilege determines if a page is even visible.
U = Update	Update existing records in this Data Dictionary table. This privilege determines if the Save button appears on pages.
D = Delete	Delete records in this Data Dictionary table. This privilege determines if the Delete option appears on the Options menu.
G = Global Access	Give user access to an unfiltered list of records for any table in the Aspen database that they have privileges for.
M = Mass Update	Update several records on a list. This determines if the Mass Update option appears on the Options menu.
Other	Certain roles need to perform tasks that require extra privileges. For example, an enrollment manager needs to be able to override enrollment restrictions.

User Role Types

To create the desired access to Aspen, it is best to keep roles simple and assign multiple roles to a user as needed. Roles should be organized around specific tasks or functions rather than a user’s overall responsibility. Many smaller roles are easier to maintain than a few larger roles.

Main role: A main role is for users who only need one role, such as family and student users.
Add-on role: This role is not to be used as the sole role for users. Users with this role usually have a base role and an add-on role for additional privileges.
Stand-alone role: This role can be the user’s sole role, but it is usually combined with other roles for additional privileges.