
Most and Least Privilege

Information on the Role Conflicts Settings in Contract Logix

Written by Justin Tryon
Updated over 6 months ago

Understanding Role Conflicts in Org Roles/Permissions

The Role Conflicts settings determine the access level of User Roles within the Org Roles/Permissions hierarchy in the Contract Logix account.

Located on the Org Roles/Permissions page in the Application Settings, the Role Conflicts setting determines how access behaves when different Roles are assigned to users.

Please see Roles Apply for more information on Global or Organizational settings. Within the Role Conflicts setting, click to select from the following:

Most

When more than one of a user's roles apply to a record they are accessing, the user's permission level for that record will be the highest level from among their roles. NOTE: A conflict between two roles may or may not exist for a given record, depending on the selected Roles Apply/Scope setting.

This mode is best suited for systems where the "shape" of access areas for a user is additive in nature.

Least

When more than one of a user's roles apply to a record they are accessing, the user's permission level utilized for that record will be the lowest level from among their roles. NOTE: A conflict between two roles may or may not exist for a given record, depending on the selected Roles Apply/Scope setting.

This mode is best suited for systems that require exceptions which lower or deny a user's access within certain organizational areas.

It is recommended that, in the Organizational Hierarchy of your Org Roles/Permissions, the highest organizational level (Corporate) be reserved, with Roles configured there for users who need the highest level of record access, and that distinct sub-organization levels then be built in which access is more narrowly defined and controlled through these settings.

NOTE: When defining role permissions, there is also an option called Access All Org Ownership to ignore the Organizational Ownership field for a specified object type, thus allowing users in that role access to all records of that type regardless of which sub-organization “owns” the record.
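To see where the two modes diverge before changing the setting, the resolution rule can be modeled offline. The following is an added example, not Contract Logix code: the permission ladder, the org tree, the role names and the rule that a role covers its own org level and everything below it are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed permission ladder; the product's real level names are not on the page.
LEVELS = ["none", "read", "edit", "full"]
# Constructed org tree, child -> parent (Corporate is the highest level).
PARENT = {"Corporate": None, "Legal": "Corporate", "Legal-EU": "Legal", "Sales": "Corporate"}

@dataclass(frozen=True)
class Role:
    name: str
    org: str                                # org level the role is assigned at
    level: str                              # permission level for one object type
    access_all_org_ownership: bool = False  # ignore which org owns the record

def in_scope(role_org, owner_org):
    """Assumed scope rule: a role covers its own org and every org below it."""
    node = owner_org
    while node is not None:
        if node == role_org:
            return True
        node = PARENT[node]
    return False

def effective_level(roles, owner_org, mode):
    """Resolve a user's level on a record owned by owner_org under 'most' or 'least'."""
    if mode not in ("most", "least"):
        raise ValueError("mode must be 'most' or 'least'")
    applicable = [r for r in roles
                  if r.access_all_org_ownership or in_scope(r.org, owner_org)]
    if not applicable:
        return "none"                       # no role applies, nothing to resolve
    pick = max if mode == "most" else min
    return pick((r.level for r in applicable), key=LEVELS.index)

def audit(roles, owner_orgs):
    """Return (org, most, least) rows where the Role Conflicts setting changes the result."""
    rows = []
    for org in owner_orgs:
        most = effective_level(roles, org, "most")
        least = effective_level(roles, org, "least")
        if most != least:
            rows.append((org, most, least))
    return rows

# Constructed user: a broad edit role at Legal plus a restricting exception at Legal-EU.
USER_ROLES = [Role("Legal Editor", "Legal", "edit"),
              Role("EU Read Only", "Legal-EU", "read")]
```

Under Most, the restricting Legal-EU role never lowers the user's access there; only Least makes the exception effective. A role flagged with Access All Org Ownership joins the conflict on every record of that type, so under Least it can also lower access outside its own org level.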
