A role is a set of rights that you can make available to one or more users. You can define roles in Horizon according to the roles that exist in the library and the rights you want for each role. (For example, you can define roles for cataloging, circulation, acquisitions, or any other category you choose.)
A passkey is an earlier version of a role. Like a role, a passkey defines a set of rights that you can assign to one or more users. However, passkeys are more limited than roles. You can assign only one passkey to a user, but a user can have multiple roles.
Passkeys give users access to processes that are secured with an earlier security system. With future Horizon releases, these processes will be updated for use with roles instead. Until then, you will need to use both passkeys and roles to grant rights to users.
Roles and passkeys use privileges and permissions. Roles also use CRUDO settings. The following settings are explained below:
• | Privileges |
• | Permissions |
• | CRUDO Settings |
A privilege is the right to access a secured process. You assign privileges to roles and passkeys to give users access to Horizon processes. There are hundreds of secured processes in Horizon (for example, the process for canceling a hold in Circulation and the process for creating a bib record in Cataloging, to name two). With future Horizon releases, role privileges will replace most, if not all, passkey privileges. (For a list of passkey privileges, see Passkey Privileges. For a list of role privileges, see Role Privileges.)
A permission defines the level of access for role and passkey privileges. There are three permissions:
When a user’s permission for a privilege is Approval Required, Horizon prompts the user for a user name and password when he or she tries to access the privilege. This prompt lets another staff member (such as a supervisor) grant the user access by entering his or her user name and password. If the new user has the needed rights, the user is allowed to proceed. This action does not change the current user; it simply grants the original user one-time access to the privilege. Approval must be given each time the user attempts to access the privilege.
• | None. Applies to role privileges only. Gives users no access to the privilege, and hides the element used to activate the process from the user interface. This is an implicit permission (that is, you do not explicitly set this permission in the user interface). Users have this restriction for all role privileges not assigned to them. |
Processes controlled by role privileges are not displayed to a user until (or unless) you grant the corresponding privileges to the user.
Processes controlled by passkey privileges are displayed even if you have not given the user right to the process. However, the user cannot execute the process without getting approval first.
CRUDO settings define rights for editing records of a certain type. “CRUDO” is an acronym for the rights you can assign. They are Create, Read, Update, Delete, and Owner change (that is, the right to change the owner assigned to a record). (For information about owners, see Ownerships.)
You can use CRUDO settings with bibliographic records, authority records, and workforms; they may be available with other record types in future Horizon releases. You assign CRUDO settings to one or more roles as necessary to grant these rights to users. CRUDO settings are available for roles only; they are not available for passkeys.
© 1998-2017 Sirsi Corporation