Managing roles

Last modified by Aurelie Bertrand on 2025/11/24 15:08

The Roles tab on the User Management page allows you to create, search for, edit and delete roles.

As a reminder, a role is used to compartmentalise the different elements used in DigDash Enterprise - data models, Flows and pages - and thus secure access to data. One or more roles can be assigned to each user.
The role generally corresponds to a corporate function: HR, Finance, Production.

Roles tab

All existing roles are listed here.
For each role:

  • the Priority, if defined, indicates the order in which the roles are displayed in the interfaces;
  • the Parent Role column indicates the name of its parent role if it has one, or if it is a parent role via the icon 1756370637096-905.png. In the latter case, a tooltip displays the child roles;
  • you can see the number of users who have them in the Associated users column and display them by clicking on the View users (n) link.

Creating a role

ℹ The role identifier is assigned automatically. It cannot be changed. It will be visible when editing the role.

To create a role:

  1. Click the New Role button.
    ➡ The New Role window is displayed.
  2. Enter the Name of the role.
  3. By default, the role is assigned to the user creating the role. Uncheck the Assign to Role Name box if required.
  4. Enter the Priority if required. Priority is used to manage the order in which roles are displayed in dashboards (and interfaces displaying the list of roles). The smaller the number, the higher the priority. The priority 1 role will be displayed before the priority 2 role. If the priority is not entered, alphabetical order will be used.

💡 It is advisable to leave a gap of several priorities between each role so that one or more future roles can be inserted between them if necessary.

  1. You can define a Role Password to lock the role for all users: it will be protected from any modification until the password is entered. See the paragraph Lock a role below for more details.
  2. You can assign a Parent Role to the role so that it inherits its data models by default.
    If data models are deleted/added in the parent role, they will also be deleted/added in the role; no refresh is required.
    If a data model is added in the role, it will not be added to the parent role.
    A role can only have one parent role. A parent role cannot itself have a parent. A role with a parent role (child role) cannot be a parent role.
    ❗It is no longer possible to modify the assigned parent role once the role has been created. The field will be greyed out.

ℹ Sharing authorisation must be enabled for data models. See paragraph Authorise data model sharing for more details.

  1. Click View and manage users to assign or remove this role to different users.
  2. Click Save.

New role

Locking a role

Configuring a password locks the role for all users until the password is entered, to protect it from modification.
Modification of the role's components will be locked in the Studio or Dashboard Editor (data models, flows, dashboard editing, items restricted to the role).
If the role is unlocked, it will be effective for the duration of the session. The role will be locked again the next time you log in.

  • Editing the role

The role is indicated as locked. When saving a modification, the password is requested.

1763981958698-545.png

  • Studio

A padlock icon is added after the role name and the New template or New Flow button is replaced by the Unlock role button.
In the Flow tab, a "Read only" indication and a padlock icon are also added after the portfolio name.

To unlock the role, click on the dedicated button or right-click on the role and then click on Unlock Role to enter the password.

Studio
 

  • Dashboard Editor

A message tells the user that they do not have rights and a padlock icon is added after the role name.

To unlock the role, right-click on it and then click Unlock to enter the password.

Dashboard editor

Searching for a role

To search for a role, enter the search term in the search field and click Search.

When you type in the search bar, a list of roles is suggested.

Search

Click on a role in the pop-up list to edit it directly.

Editing a role

To edit a role :

  1. Click on the 1733391298932-561.png button in front of the role name.
  2. In the edit panel that appears, you can view the role identifier.​​​​​​​Edit role
  3. Change the desired settings and click Save.
    ➡ A dialog box summarising the changes made is displayed.

Reminder:

  • The role identifier is assigned automatically. It cannot be changed.
  • The Parent Role cannot be modified after the role has been created.
  1. Click OK to confirm your changes.

Deleting a role

To delete one or more roles, select the corresponding checkbox(es) and click on the Delete button.

Viewing the members of a role

To view the users attached to a role, from the list of roles, click on the View users link . Users belonging to the role are displayed in the Users section.

Checking roles

The Check Roles function consists of identifying the roles pointed to by files present in the data folder but which do not exist in the LDAP. It is possible to repair them, i.e. add them back to the LDAP.

This can, for example, be useful in the event of an LDAP crash. All the LDAP entries for all the roles found in the data folder can be recreated in this way.

To do this

  1. Click on the Check Roles button.
    ➡ The Check Roles box is displayed.
    Check roles
  2. Select Repair for each role to be added to the LDAP or Repair All to repair all the roles.
    - or -
    select Delete to delete a role permanently or Ignore to do nothing.
  3. Click Validate.