Differences

This shows you the differences between two versions of the page.

--- en:2.0:rollen-_und_benutzerrechteverwaltung [2022/11/07 11:05] – [What are roles ?] fasse
+++ en:2.0:rollen-_und_benutzerrechteverwaltung [2024/11/29 19:20] (current) – [Properties] greno
@@ Line 3: / Line 3: @@
 ===== What are roles ? =====
-Besides [[en:2.0:profile|member profiles]], roles are the central element of Admidio. With the help of roles you can map the structure of your organization, group or club to Admidio. A role can have different functions. Roles can be used to group members. They can be divisions, such as soccer or yoga, but also a position in the club, such as the board or the cashier. Also single events, like camps or barbecues, can be defined as roles and so the participating members can be grouped. Later you can assign the different roles to each person you have created, but also remove them again.
+Besides [[en:2.0:profile|member profiles]], roles are the central element of Admidio. With the help of roles you can map the structure of your organization, group or club to Admidio. A role can have different functions. Roles can be used to group members. They can be divisions, such as soccer or yoga, but also a position in the club, such as the board or the cashier. Also single events, like camps or barbecues, can be defined as roles and so the participating members can be grouped. Later you can [[en:2.0:rollenmitgliedschaft|assign the different roles]] to each person you have created, but also remove them again.
 In addition to structuring your organization, you can also set the appropriate permissions via the roles. You can configure the [[en:2.0:profile#when_can_I_view_a_profile|access to profiles]] of your members. Permissions of role members for other Admidio modules can also be stored per role. Also the setting who is allowed to send messages to the members of this role can be defined per role.
@@ Line 15: / Line 15: @@
 ===== What are the advantages of roles ? =====
-Besides mapping your organization and assigning members to the different roles, a big advantage of roles is the output of member lists. These can be created and edited in **Roles and Groups** via the menu item **Edit Lists**. You can assign any profile fields to a list and then make it available for you or as an administrator for all logged in users. The list configuration can be applied to each role and allows you to export the data as a file in CSV, Excel, Open-Office or PDF format.
+Besides mapping your organization and assigning members to the different roles, a big advantage of roles is the output of member lists. These can be created and edited in **Groups & Roles** via the menu item **Configure lists**. You can assign any profile fields to a list and then make it available for you or as an administrator for all logged in users. The list configuration can be applied to each role and allows you to export the data as a file in *.xlsx, *.ods, *.csv or PDF format.
 Another important feature of the roles is to assign different rights. This starts with the right to create, edit or delete entries in various Admidio modules. Furthermore, rights can be assigned to view and edit member profiles. Finally, the right can also be assigned to create additional roles, edit or assign members to individual roles.
-===== How to set up rolls ? =====
+===== How to set up roles ? =====
 You can add a new role in the overview **Groups & Roles** by clicking the button **Create Role**. The dialog for creating a new role will open. This dialog is divided into several sections, which are briefly described below.
@@ Line 27: / Line 27: @@
 {{:en:2.0:roles:new-role-name-category.png?400|name & category}}
-==== properties ====
+==== Properties ====
-The properties define who is allowed to send **emails** to this role. By default, all **logged in users** are always allowed to do this. However, you can also specify that only **role members**, **visitors to the website** or **none** can do this. Always choose only the necessary setting here. Visitors should usually only contact the administrator or the board.
+The properties define who is allowed to send **e-mails** to this role. By default, all **logged in users** are always allowed to do this. However, you can also specify that only **role members**, **visitors to the website** or **Nobody** can do this. Always choose only the necessary setting here. Visitors should usually only contact the administrator or the board.\\ \\
-The property **See role membership** also implies that you can access the profile of the respective role members. So it is a very broad setting. The default allows other role members to do this. It can additionally be selected whether **all logged in users** or **none** can see the role membership and thus the profile.
+The property **View Role Memberships** determines who has the right to view the [[en:2.0:rollenmitgliedschaft|role membership]] for this role. This is normally set to **Role Members**, but can also be disabled by selecting **Nobody**. It is possible that only the **leaders** of this role or that all **Logged-in users** can view the role members. Users who have the right to view the membership can call up lists of roles and then view the first names and surnames of the role members. Other fields are not visible at first, even if they are stored in the list. If a user is allowed to call up a profile, he or she will also view the role membership in the profile. \\ \\
-If leaders are assigned to a role, the **leader:in** setting can be used to specify whether these leaders should be assigned special rights. By default, there are no additional rights, but it can be specified that they can assign or remove new members from this role or edit the profiles of individual role members. The additional rights should be set with caution, since with it far-reaching possibilities exist in particular if leaders get both rights.
+The property **View profiles of role members** enables the user to call up the profiles of all role members and to view the complete lists with all profile fields for the role. Again, there is a choice of **Nobody**, **Role Members**, **Leaders** or **Logged-in Users**.\\ \\
+If [[en:2.0:rollenmitgliedschaft#what_is_the_function_of_leaders|leaders]] are assigned to a role, the **Leader** setting can be used to specify whether these leaders should be assigned special rights. By default, there are no additional rights, but it can be specified that they can assign or remove new members from this role or edit the profiles of individual role members. The additional rights should be set with caution, since with it far-reaching possibilities exist in particular if leaders get both rights.\\ \\
 If you want to see certain profile fields when displaying the role members, you can choose an individual **default list**.
-The number of role members is limited by the **Max.participants** field. A value of 0 allows unlimited assignment of members and is the preselection here.\
+The number of role members is limited by the **Max.participants** field. A value of 0 allows unlimited assignment of members and is the preselection here.\\ \\
 **Contribution** and **Contribution period** are purely informative fields, which only gain importance through the additional plugin [[en:plugins:mitgliedsbeitrag|Membership fee]].\\
 {{:en:2.0:roles:new-role-properties.png?400|name & category}}
@@ Line 39: / Line 40: @@
 The roles can be used not only to get an overview of groups or functions, but also to give the associated members appropriate permissions for certain modules in Admidio. The following permissions can be stored for a role.\\
 {{:en:2.0:roles:new-role-permissions.png?400|permissions}}
-  * **Manage and assign roles**\ With this setting, members get the ability to create, edit and delete roles themselves, as well as assign other members to roles. This is a very powerful permission and should usually only be assigned to the board or administrator:in.
+  * **Organize and assign roles**\\ With this setting, logged in users get the ability to create, edit and delete roles themselves, as well as assign other members to roles. This is a very powerful permission and should usually only be assigned to the board or administrator:in.
-  * **View member lists of all roles**\\ This permission allows members to view all member lists of all roles. This also includes the possibility to view the profiles of the members. This permission should also be assigned with care and usually only to the board or administrator.
+  * **View member lists of all roles**\\ This permission allows logged in users to view all member lists of all roles. This also includes the possibility to view the profiles of the members. This permission should also be assigned with care and usually only to the board or administrator:in.
-  * **Manage and assign registrations**\ This permission gives access to the module //New registrations//. Members see new registrations there and can accept them, assign them to existing members or reject the registration.
+  * **Manage and assign registrations**\\ This permission gives access to the module [[en:2.0:registration|Registrations]]. Logged in users see new registrations there and can accept them, assign them to existing contacts or reject the registration.
-  * **Write emails to all roles**\ This permission allows members to write emails to all configured roles of this system in the **Messages** module.
+  * **Send e-mails to all roles**\\ This permission allows logged in users to write emails to all configured roles of this system in the **Messages** module.
-  * **Edit profile data of all members**\\ This permission allows members to view and edit all profiles of all members. They get access to the module //Members//. This permission should also be assigned with care and usually only to the board or administrator.
+  * **Edit profile data of all contacts**\\ This permission allows logged in users to view and edit all [[en:2.0:profile|profiles]] of all contacts. This permission should also be assigned with care and usually only to the board or administrator:in.
-  * **Edit own profile**\ Members can edit their own profile.
+  * **Edit own profile**\\ Logged in users can edit their [[en:2.0:profile|own profile]].
-  * **Manage Announcements**\ Members get the permission to create new entries, edit or delete existing entries in the module //Announcements//.
+  * **Manage Announcements**\\ Logged in users get the permission to create new entries, edit or delete existing entries in the module //Announcements//.
-  * **Manage Appointments**\ Members get the permission in the module //Appointments// to create new entries, edit existing entries or delete them.
+  * **Manage Events**\\ Logged in users get the permission in the module [[en:2.0:events|Events]] to create new entries, edit existing entries or delete them.
-  * **Upload and edit photos**\ Members get the permission in the module //Photos// to create new entries, edit existing entries or delete them.
+  * **Upload and edit photos**\\ Logged in users get the permission in the module //Photos// to create new entries, edit existing entries or delete them.
-  * **Manage documents and files**\ Members can assign access permissions for all folders in the //Documents and Files// module. This can be used to determine which roles are allowed to view and download files in each folder, as well as which roles are allowed to upload files and create additional folders in each folder.
+  * **Manage documents and files**\\ Logged in users can assign access permissions for all folders in the //Documents and Files// module. This can be used to determine which roles are allowed to view and download files in each folder, as well as which roles are allowed to upload files and create additional folders in each folder.
-  * **Edit and delete guestbook entries**\ Members get permission to create new entries, edit existing entries or delete entries in the //Guestbook// module.
+  * **Edit and delete guestbook entries**\\ Logged in users get permission to create new entries, edit existing entries or delete entries in the //Guestbook// module.
-  * **Create comments to guestbook entries**\ Members get the permission to create comments to existing guestbook entries in the module //Guestbook//.
+  * **Create comments to guestbook entries**\\ Logged in users get the permission to create comments to existing guestbook entries in the module //Guestbook//.
-  * **Manage Web Links**\\ Members get the permission to create new entries, edit or delete existing entries in the module //Weblinks//.
+  * **Manage Web Links**\\ Logged in users get the permission to create new entries, edit or delete existing entries in the module //Weblinks//.
-==== appointments / meetings ====
+==== Appointments / Meetings ====
-The appointment settings are optional and should only be filled if needed. Here you can define dates for regular meetings. These appear at the moment only in the list overview and are not yet automatically entered into the appointment module.\\
+The appointment settings are optional and should only be filled if needed. Here you can define dates for regular meetings. These appear at the moment only in the list overview and are not yet automatically entered into the [[en:2.0:events|events]].\\
 {{:en:2.0:roles:new-role-appointments.png?400|appointments / meetings}}
@@ Line 64: / Line 65: @@
 ===== What are active and inactive roles ? =====
-Newly created roles are active and visible. You can assign new members to these roles and assign rights, which are then also immediately applied.
+Newly created roles are active and visible. You can [[en:2.0:rollenmitgliedschaft|assign new members to these roles]] and assign rights, which are then also immediately applied.
 If a role is actually no longer valid, for example because a team has disbanded, or the event of the role is in the past, you do not necessarily want to delete the role directly. You may want to be able to see later who was a member of this role, or invite by e-mail to an alumni meeting of the role members. But the role should not appear in selection lists and the members should not get any rights through this role. You can make such a role an **inactive role** by clicking the **deactivate role** icon in the role overview. The assignment of the members remains, they can still have a valid membership within the role, but all rights of this role are removed and the visibility of the role is strongly limited.