Security policy permission settings

To configure permissions on the Permissions for <security policy> page, you click the table cell at the intersection of a role and a feature or option.

Clicking in the cell toggles through the following settings:

Table 1. Permission settings on the Permissions for <security policy> page
Symbol Name Description
Granted Grants users in the role access to the function.
Blocked

For system and security policy roles only, denies users in the role access to the function. (You cannot block functions by project or object roles.)

A permission block supersedes any other setting. For example, a user's project role grants access to the Budget tab for the projects that are created from a specific template, but the security policy role blocks access to the tab. That user cannot access the Budget tab.

Inherited Not explicitly defined. An explicit permission setting for the project and object roles that are assigned to the user is inherited. If none of the other roles has the permission set, the setting in the appropriate default Global security policy role (Plan Administrator or Plan User) is inherited. If none of the roles grants the user permission, the function is blocked.
N/A Not accessible For project and object roles, indicates that the permission setting cannot be changed.

If a user qualifies for more than one role, the permissions are cumulative. For example, if a user's security role grants different permissions than the role in the current project, that user has all of the permissions that are granted by both of the roles.