Managing Roles
Managing permissions via roles in Cimar can be done by admins through the UI.
Accessing Roles List:
In Cimar click "Administration" in the top menu and click "Roles" on the left side of the second menu.
This will bring up a list of the account roles and their permission levels.
To edit existing roles simply click "Edit" on the right side of the role to update:
To create a new role, click the blue "New Role" button instead.
The settings page to edit an existing role and the page to create a new role are identical. In this guide we will use "New Role" as an example:
Basic Role Settings:
The first section of the roles settings are the basics of choosing name and an optional description for the role. These will show in the main roles list:
The "Role can be applied to" setting is defining where the role is valid. It can either be account wide or for just locations or groups. Common default is that the role can be applied to all.
The "Study list namespace filter types" setting is defining what type of worklist that role has access to. By default all roles will have access to the main worklist, but not everyone should have access to that, using this setting will allow you to limit that. You can either select multiple by clicking and holding Ctrl or you can select none giving full access to all namespace types. Please note, if you give access to 'Groups' and then proceed to to give no groups to the user with this role then they will still see no groups. Same applies to locations.
You can also choose what type of roles this role can give to users if or when they invite someone to the account. Please note, even if you set this up that does not mean that a user with this role can invite someone to the account, they also require the specific role setting to invite users to the account, this setting just allows you to limit what role types they can assign when they have that setting enabled.
Role Permissions:
The second section covers the specific role permissions.
There are over 100 different customisation options for Cimar role permission that can be adjusted to each individual role needs. Most of these will affect basic permissions like if a user can upload or share studies.
If you require any help with these permissions, please contact Cimar support.
Field Permissions
After adjusting the role permissions, the next section covers the "Field Permissions".
These settings define what level of access this role has to certain input fields for the organization:
The dropdown contains 4 options to choose from:
- Full Permission
- Users can see and edit this field as they wish.
- Hidden Field
- Users cannot see nor edit this field, but it exists and contains a value which can be used for sorting studies or routing studies based on the values.
- Read Only Field
- Users can see this field, but cannot edit it.
- Required Field
- When uploading a study, users must put a value in this field if it is not automated via a DICOM tag mapping
Advanced Search Customisation:
Next section covers the option to specify which fields are available in the advanced work list search for users with this role.
To select more than one field, simply hold down "Ctrl" and click on the fields you want visible to search.
Once these are selected, they will then be visible to the user on the work list advanced search:
The last bit of roles settings that can be adjusted is the default ProViewer layout.
This is a field that accepts JSON as the input, so might look a bit cryptic if not familiar with the format.
To set this easily, you can open the ProViewer on a study and copy the active settings by holding down "Shift" and clicking "Settings".
There is now a button in the bottom right corner saying "Settings Import" which will contain the active settings in JSON format.
This can be copied over to the role settings to set as the role default.
Adjusting Roles for Locations/Groups:
(Please note, this is optional and will override main role settings as described below)
When setting up a new location/group (or editing an existing one) there is an option to select a default role for that specific worklist:
This is a role setting that can override a user's main role based on their specific user settings.
This is covered by the field "Use group/location default role (if set)" as mentioned in the article on Managing Your User's Details.
If a user has this setting ticked and their main organisation role is "Admin", but the group's default role is "User - No Org/Global Access", then the user will automatically be assigned the "User - No Org/Global Access". This override can be manually adjusted by in the user's settings ( Managing Your User's Details) but will automatically apply to all users in the location/group.