Authorize Staff Members to Use Anthology Student Features

Using the Security Console, you can authorize all active staff members to use features.

Security Console Terminology

Term	Definition
Groups	You can authorize individual users or groups. Groups are sets of staff members. For example, you can create a group that contains all of the staff members who are Admissions Representatives. It corresponds to a staff group in Anthology Student. Groups are recommended for authorizations and required if you want to control access to the data in fields.
Operations	Operations are specific actions that can be taken for features (such as get or save).
Tasks	Tasks are collections of operations that accomplish a task. For example, there is one task that authorizes a user or group to: View Admissions documents using the Document Tracking feature (includes only the get operation) Edit Admissions document using the Document Tracking feature (includes both the get and save operations) There are two types of tasks. Built-in tasks installed with the product that authorize users or groups to take actions for features Custom tasks that you create that organize the built-in tasks or other custom tasks that you have created
Roles	Roles can also be used to organize built-in tasks or your custom tasks around the job functions in your institution.

While there is also the option of creating custom tasks that include operations instead of built-in tasks, this is not recommended for Anthology Student. The built-in tasks already contain all of the operations required to successfully take the actions for all features.

Nested Groups, Custom Tasks, and Roles

To help you organize your authorizations, groups, custom tasks, and roles support nesting. For example, you could create:

Groups for each role in a department, and then create a group that contains those groups
Roles for each role in a department, and then create a role that contains those roles

Predefined Roles

To help you get started, Anthology Student is installed with predefined roles that contain the set of tasks needed for the role. For example, there are predefined roles that contains all the tasks for the features that are used by Academic Advisors and Financial Aid Advisors.

The predefined roles are prefixed with Anthology. For example:

Anthology Academic Advisor
Anthology Financial Aid Advisor

You must copy the roles to modify them. They cannot be edited or deleted.

The system is designed in such a way that you cannot add permissions to built-in roles. To add additional permissions, a similar role can be created and provided with the required permissions and authorizations.

Methods for Organizing Authorizations

While you can authorize users on a task-by-task basis, in most cases you will want to organize your staff members and then create groups so that you can authorize all the staff members in the group at once (recommended).

Then, you can either organize the built-in tasks and create:

Custom tasks that contain combinations of built-in tasks
Roles that contain combinations of built-in tasks (recommended)

Once you have organized the built-in tasks into custom tasks or roles, you can authorize all the staff members in a group for multiple tasks at once.

Procedures for Organizing Authorizations

Use the table to determine the procedure to follow for the methods you have decided to use.

Method You Want to Use	Actions to Take
Organize your staff members and then create groups (recommended)	Select Groups on the ribbon. Under GROUPS, select New. In the New Group dialog, specify the Name and Description (Description is optional). Select OK. The Group Members list for your new group is displayed. (The list is empty until you add users.) Select Add Users. In the Add Users dialog, select the names of the users and select OK. The Group Members list is redisplayed with the names listed.
Organize the built-in tasks and create custom tasks	Select Tasks on the ribbon. If you want to: Create a new task, select New under TASKS Copy an existing task and all of its permissions and authorized users and groups, select Copy under TASKS In the dialog, specify the Name and Description (Description is optional). Select OK. The Permissions list is displayed. (The list is empty until you add permissions.) If you want to add permissions, select Add Permissions. In the Add Permissions dialog, select a built-in task and select OK. The Permissions list is redisplayed with the built-in task added. You must repeat steps 5 and 6 for every built-in task that you want included in your custom task. You can also use Remove to remove permissions.
Organize the built-in tasks and create roles (recommended)	Select Roles on the ribbon. If you want to: Create a new role, select New under ROLES Copy an existing role and all of its permissions and authorized users and groups, select Copy under ROLES In the dialog, specify the Name and Description (Description is optional). Select OK. The Permissions list is displayed. (The list is empty until you add permissions.) To add permissions, select Add Permissions. In the Add Permissions dialog, select a built-in task and select OK. The Permissions list is redisplayed with the built-in task added. Repeat steps 5 and 6 for every built-in task that you want included in the role. You can also use Remove to remove permissions. For example, if you want the Clear Cache option in Anthology Student (which is a System Administrator role), you must add Common.Cache.Clear to the user's role. It is applied per role and not per user.

Method You Want to Use

Actions to Take

Organize your staff members and then create groups (recommended)

Select Groups on the ribbon.
Under GROUPS, select New.
In the New Group dialog, specify the Name and Description (Description is optional).
Select OK. The Group Members list for your new group is displayed. (The list is empty until you add users.)
Select Add Users.
In the Add Users dialog, select the names of the users and select OK. The Group Members list is redisplayed with the names listed.

Organize the built-in tasks and create custom tasks

Select Tasks on the ribbon.
If you want to:
- Create a new task, select New under TASKS
- Copy an existing task and all of its permissions and authorized users and groups, select Copy under TASKS
In the dialog, specify the Name and Description (Description is optional).
Select OK. The Permissions list is displayed. (The list is empty until you add permissions.)
If you want to add permissions, select Add Permissions.
In the Add Permissions dialog, select a built-in task and select OK. The Permissions list is redisplayed with the built-in task added.

You must repeat steps 5 and 6 for every built-in task that you want included in your custom task. You can also use Remove to remove permissions.

Organize the built-in tasks and create roles (recommended)

Select Roles on the ribbon.
If you want to:
- Create a new role, select New under ROLES
- Copy an existing role and all of its permissions and authorized users and groups, select Copy under ROLES
In the dialog, specify the Name and Description (Description is optional).
Select OK. The Permissions list is displayed. (The list is empty until you add permissions.)
To add permissions, select Add Permissions.
In the Add Permissions dialog, select a built-in task and select OK. The Permissions list is redisplayed with the built-in task added.

Repeat steps 5 and 6 for every built-in task that you want included in the role. You can also use Remove to remove permissions.

For example, if you want the Clear Cache option in Anthology Student (which is a System Administrator role), you must add Common.Cache.Clear to the user's role. It is applied per role and not per user.

For help determining which built-in tasks to select, refer to Determine the Built-In Tasks to Select.

Details for the Add Permissions Dialog

The Add Permissions dialog also supports searching and filtering. The table shows the options.

What You Want to Display	Check Boxes to Select
Show built-in tasks	Show Tasks Show Built-in Tasks
Show custom tasks	Show Tasks
Show only display roles (applies to roles only)	Show Roles

What You Want to Display

Check Boxes to Select

Show built-in tasks

Show Tasks

Show Built-in Tasks

Show custom tasks

Show Tasks

Show only display roles (applies to roles only)

Show Roles

Methods for Authorizing Users and Groups

There is more than one method for authorizing users and groups. You can authorize:

Users and groups by role
Users and groups by custom task or built-in task
Groups for custom tasks or roles (recommended)

Procedures for Authorizing Users and Groups

Use the table to determine the procedure to follow for the method you have decided to use.

Method You Want to Use	Actions to Take
Authorize a staff member or group for a role	Select Roles on the ribbon. Select the role in the ROLES list. If you want to authorize a: User, select Authorize User Group, select Authorize Group In the dialog, check the boxes next to the names and select the OK button.
Authorize a staff member or group for a custom task or built-in task	Select Tasks on the ribbon. Select the task in the TASKS list. If you want to authorize a: User, select Authorize User Group, select Authorize Group In the dialog, check the boxes next to the names and select the OK button.
Authorize a group for multiple custom tasks, built-in tasks, or roles at once (recommended)	Select Groups on the ribbon. Select the group in the GROUPS list. Select Add Authorization. In the dialog, select the task or role in the list and select the OK button. You must repeat steps 3-5 for each task or role you want to authorize for the group.

Method You Want to Use

Actions to Take

Authorize a staff member or group for a role

Select Roles on the ribbon.
Select the role in the ROLES list.
If you want to authorize a:
- User, select Authorize User
- Group, select Authorize Group
In the dialog, check the boxes next to the names and select the OK button.

Authorize a staff member or group for a custom task or built-in task

Select Tasks on the ribbon.
Select the task in the TASKS list.
If you want to authorize a:
- User, select Authorize User
- Group, select Authorize Group
In the dialog, check the boxes next to the names and select the OK button.

Authorize a group for multiple custom tasks, built-in tasks, or roles at once (recommended)

Select Groups on the ribbon.
Select the group in the GROUPS list.
Select Add Authorization.
In the dialog, select the task or role in the list and select the OK button.

You must repeat steps 3-5 for each task or role you want to authorize for the group.

When the Authorizations Will Be Available

Once you have specified tasks or roles for users or groups, your changes are available immediately in Anthology Student.

If your changes are not available, you can clear the cache.

If you are in:

Anthology Student, select the down arrow next to your user ID in the command bar and select the Clear Cache command
The Security Console, select the Tools menu and Update Anthology Student security cache command

Edit and Delete Groups, Roles, and Tasks

You can also edit and remove groups, roles, and tasks using Edit and Delete displayed above the lists. You cannot edit or remove built-in tasks.

Troubleshooting Security Problems for Groups and Staff Members

You can quickly troubleshoot security problems for staff members.

Take the appropriate action based on what you know about the staff member.

What You Know	Action to Take
Their name	On the toolbar, select Tools. Select View Staff Permissions. Select the name of the staff. Select the View Groups and Authorizations button.
Their name and one or more of their groups	Select Groups on the ribbon. Select the name of one of the groups where they are a member. In the Group Members window, right-select their name and select View Groups and Authorizations.

The Security Console displays a dialog that shows all of the:

Groups where the staff member is a member
Roles and tasks where the staff member is authorized

When you are done reviewing the dialog, select the Close button.

Troubleshooting Example

A staff member can log in to Anthology Student, but the Home page is blank. It displays only the command bar.

In the Security Console, select Tools > View Staff Permissions. The View Staff Permissions dialog is displayed.
In the View Staff Permissions dialog, search for the name of the staff member, and select the View Groups and Authorizations button. The View Groups and Authorizations dialog is displayed.
After you determine that the staff member is not linked to any Groups or Authorizations, select Close in the View Groups and Authorizations dialog and in the View Staff Permissions dialog.
Navigate to Groups and select a group for the staff member.
On the General tab of the Group Members list, select the Add Users link.
In the Add Users dialog, search for the user, select the user, and select OK. The user's name is added to the Group Members list.
To ensure that the changes take effect immediately, select Tools > Update Anthology Student security cache.