Application Permissions

Owned by Michael Oatley
Last updated: Jul 11, 2024 by Jessica Henderson
5 min read

Application permissions are a critical component of securing your application. Initially you are the only person with access to the application. When you are ready to publish and go live, you will need to identify who should have the ability to create submissions and who should have administrative access to all records.

How are permissions set for an app?

  • From the app's dashboard, click on the name of the app in the top left corner of the screen.

  • Select Permissions from the dropdown.

Select Permissions

Permissions can be configured for user access to an application. The Permissions settings page is divided into default categories: Administrators, All Authenticated Users, and All Anonymous Users. Below are descriptions of the roles available on the Permissions page:

Administrators

App Administrators include anyone that should have edit, update, or delete permissions for the app or its associated documents. Users can be added individually, by group, or by role. Groups and roles are created by ITS Kuali Build system administrators in the Kuali Groups area.

If a group is given the Administrators permission, members of that group will inherit all permissions selected.

If a role is given app Administrators permission, anyone assigned to that role will inherit all of the permissions selected.

All Authenticated Users

ALL users who are able to successfully log into the system will be included in the All Authenticated Users section. Generally, permission is set to Create documents in this app, depending on the requirements of the app.

Permission settings for this category will apply to all records. It is recommended that caution and careful planning occur prior to configuration. In most cases Create documents in this app would be the only option selected. The only exception is the creation of a form for lookup of public information where all users are able to see all records in the application.

All Anonymous Users

Anonymous Users in Kuali Build refers to any user that is unable to log in to the system. It is possible to share Kuali Build apps and forms with unauthenticated users. The "All Anonymous Users" section on the Permissions page is where access to create and submit forms in the app is configured.

Anonymous forms have limited capability since there is no authenticated user. A draft cannot be saved, the form cannot be returned, and anonymous users cannot participate in workflow. Email notifications can be sent to an email address provided on the form. Additionally a pdf copy of the form can be sent.

Add New Role

The Add a Role feature at the bottom of the Permissions page provides the ability to add roles to the app. When there are requirements for a unique subgroup of people with permissions other than App Administrators, Authenticated Users, or Anonymous Users, new role(s) may need to be created.

You configure permissions for the new role similar to how you do it for other roles. Specific users, groups, or system roles can be added to the app permissions role. 

A newly created role from an App Permissions page is only created for that app specifically. It does not create a new role in the Kuali Groups area. To create a new group or role that is available system-wide, submit a request via the Technology Support Center Portal at techsupport.uconn.edu.

What permissions are available?

There are several permission options available to customize user experience. Below is a list of each permission and its description:

  • Administer, design, and publish this app: This allows the user to edit, publish and delete an app in addition to full document privileges.

  • Create documents in this app: This allows the user to complete a form in an app. (Reminder: Completed forms in Kuali Build are called Documents). This permission is typically granted to users that will be filling out forms.

  • Read documents in this app: This permission grants a user with READ access to all documents (completed forms) for an app and provides access to the Document List. 

  • Access the Document List: This will give users access to view the document list, but the ability to view individual documents will be based on the conditional permissions that are configured for those documents. This could mean that people may see an empty document list.

  • Update documents in this app: This allows the user to make changes to any completed fields in a document (a submitted form).

  • Delete documents in this app: This allows the user to delete any documents (submitted form) in an app.

How is app access granted to large groups of people? 

Individuals and small groups of people can be given access to apps using the Groups and Roles functionality; however it may be necessary to provide large groups of people (800+) with access to forms. For example, it may be required to make a form for all faculty at the university but not students. Rather than using the Kuali Build Group functionality to grant these permissions, it is recommended that the Affiliations Permission option is used. (See Large Group Support (Affiliations) for more information). 

Next

Administration - Documents List

Â