Introduction
Before we dive into the detail, let's explain some of the basics about what Users and Roles are in CiviPlus.
A "User" is simply someone who can log onto CiviPlus and/or the Self-Service portal, and their "Role" says what "Permissions" the User has to access modules and data, and what actions they can take.
CiviPlus uses the Security Services provided by the underlying Content Management System (CMS). This allows you to grant (or not grant) access to entire sections of CiviPlus to User Roles, such as Mail, Events, etc. It also allows you to restrict the User's ability to view, edit, add and delete records such as contacts, events and contributions.
Although the majority of customers find that the Roles and Permissions availabe out of the box are sufficient for their purposes, it is worth pointing out that there are additional Access Control features in CiviPlus that allow you to differentiate between contacts who fall into different groups, for instance. This more nuanced aspect of Role Based Access Control is covered in a separate article in the Knowledge Base.
Roles and Permissions
CiviPlus is configured with a number of standard Roles, as shown below.
CiviPlus Roles
CiviCRM Admin
SSP Manager
CRM user (Fundraising)
CRM user (Events)
CRM user (Mailing)
CRM user (Membership)
CRM user (Cases)
Review Panel Member
CRM user (Awards Manager)
Webform Manager
Member
For each role a standard set of permissions is specified - there are hundreds of them covering every module and action so CiviPlus makes it easy to be precise about what each user can and can't see and do.
Adding a user
There a number of ways that a user can be added to CiviPlus. The easiest is to simply add a new Individual from the CiviPlus Contacts menu and fill in the normal details. Make sure that you enter an email address, and then before saving the record add the Create Drupal Account tag to the contact.
Because you added the Create Drupal Account tag, when you save the new contact a User will be automatically created in the CMS with the default Role of "Authenticated User", and an email sent to the contact's email address with a link inviting them to log in to the Self-Service Portal, after setting their password.
There are many other ways of adding users to the system, depending on how your system is configured:
As part of the initial system setup existing users can be created during the import process.
CiviPlus Administrators can click the Add User link from the SSP menu.
Depending how your CiviPlus has been configured, new users can register themselves on the Self-Service Portal sign-on page:
Your system may have join up, membership or donation forms that cause a new user to be created.
Within the My Organisations section of the Self-Service Portal, an organisation administrator add a new user, who will receive an email invitation to complete a first time password reset before being allowed to log in.
Assigning Roles to Users
The default Role for a new User is "Authenticated User", which means they have access to the Self-Service Portal features. If you want a user to have access to other parts of CiviPlus you need to change their role(s), which is easy to do using the CMS administration pages. In this example we are going to change the roles of multiple people at the same time, but you can do it to individual users if you want.
Firstly, navigate to the Home --> Administration --> People
Now select the users whose roles you want to change, and choose the Change User Roles option from the Bulk Operations dropdown at the bottom of the page.
When you click Apply you will see a page that allows you to choose which Role(s) you want to add to these Users, and which Roles(s) you want to remove (in this case we are not removing any roles). Select the appropriate Roles in each dropdown (in this example, CiviPlus Admin Role is being added, and no Roles are being removed), and then click Next.
You are now ready to apply these Role changes to the selected users. Click Confirm to make the changes, or Cancel to start again from the People page.
