Managing user roles

The custom role functionality of BMC Release Process Management enables users to view and access the main tabs of the application and the specific capabilities within those tabs. Application assignments enable users to view and access an application and its objects. Roles are created and assigned to groups of users, rather than individual users. You can assign multiple roles to a group and associate the group with an application and its environments inside a team.

This topic consists of the following sections:

Default roles

BMC Release Process Management provides predefined roles that you can use and manage. Each of these default roles has access permissions preselected, although you may change these permissions as needed. For more information, see Managing-access-permissions.

The following table identifies the main tabs and objects that are accessible for each default role. If a tab is accessible, so are its objects, unless otherwise identified under Exceptions:

Default roles and permissions

Default role	Dashboard	Plans	Releases	Requests	Reports	Applications	Environment	System
Coordinator	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes^†
Coordinator	Exceptions: ^† Cannot see or access Users, Groups, and Teams options.
Coordinator Admin	Yes	Yes	No	Yes	Yes	Yes ^†	Yes	Yes^‡
Coordinator Admin	Exceptions: ^† Cannot manage packages.^‡Cannot view and manage roles.
Deployer	Yes	Yes	No	Yes	Yes	Yes	Yes	Yes^†
Deployer	Exceptions: ^† Cannot access users, groups and teams.
Deployer Admin	Yes	Yes	No	Yes	Yes	Yes ^†	Yes	Yes ^‡
Deployer Admin	Exceptions: ^† Cannot manage packages.^‡ Cannot view and manage roles.
Executor	Yes	Yes ^†	No	Yes ^‡	Yes	No	No	No
Executor	Exceptions: ^† Cannot manage plans, runs, and projects.^‡ Cannot manage requests, but can start and hold requests and move requests to the Problem state. Cannot manage steps, but can run steps.
Executor Admin	Yes	Yes ^†	No	Yes ^‡	Yes	Yes	Yes	No
Executor Admin	Exceptions: ^† Cannot manage plans and runs.^‡ Can only create, modify, start, cancel, hold, and delete requests and can inspect and manage steps.
Requestor	Yes	Yes ^†	No	Yes	Yes	No	No	No
Requestor	Exceptions: ^† Cannot manage plans, runs, or projects. Users can create, start, and edit requests and create and edit steps.
Requestor Admin	Yes	Yes ^†	No	Yes	Yes	Yes	Yes	No
Requestor Admin	Exceptions: ^† Can only view, inspect, create, and edit plans; can inspect and create runs; and can view and manage projects.
Site Admin	No	No	No	No	No	No	No	Yes ^†
Site Admin	Exceptions: ^† Cannot access settings or view integration.
User	Yes	Yes ^†	No	Yes ^‡	Yes	No	No	No
User	Exceptions: ^† Can only view and inspect plans, and view projects list.^‡ Can only inspect requests and run steps.
User Admin	Yes	Yes ^†	No	Yes ^‡	Yes	Yes	Yes	No
User Admin	Exceptions: ^† Cannot manage plans or runs, but can view plans. ^‡ Can only create, edit, hold, and delete requests.

To create a role

Go to System > Roles, and then, on the right side, click Create Role.
In the Name box, enter the role name.
(Optional) In the Description box, enter a short role description. For example, this role has a permission to modify protected requests.
In the Access Permissions list, expand Main Tabs, and then select the tabs that you want to make available to the users with this role.
Note
The Main Tabs are Dashboard, Plans, Requests, Reports, Applications, Environment, and System. Access Permissions allow you to manage the tabs and the objects on each tab that you want to be visible to groups of users with a particular role. The Main Tabs that you select under Access Permissions also determine the additional access permissions you can select. For example, if you select only the Dashboard, Plans, and Requests tabs, only permissions for those tabs are available to select and permissions for the remaining Main Tabs are not selectable.
In each of the remaining Access Permissions lists, select the appropriate user permissions.
Click Create.

To edit an existing role

Go to System > Roles.
In the Actions column, next to the role that you want to modify, click Edit.
Make your changes, and then click Update.

To make a role inactive

Go to System > Roles.
In the Actions column, click Make Inactive next to the appropriate role.
Note
You can make inactive only roles that are not assigned to any group.

To make a role active

Go to System > Roles.
In the Inactive roles list, from the Actions column, click Make Active next to the appropriate role.

To delete a role

Go to System > Roles.
In the Actions column, next to the role you want to delete, click Make Inactive.
In the Inactive list, in the Actions column, click Delete next to the appropriate role.