View Only

Discussion Thread View
  • 1.  Determining which role (or users) have certain Permission

    Posted 03-27-2024 19:55


    Is there a way to pull all roles that have a certain permission?  We'd like to control who has access to the permission that allows users to delete evaluations and right now, we already have so may custom roles that it's challenging to trace by looking up each role. I've thought assigning all roles to myself but not that efficient still. 




    Anna Jhane Mulinyawe
    SAFG Technologies, LLC

  • 2.  RE: Determining which role (or users) have certain Permission

    Posted 03-28-2024 10:02

    If you have experience with the ICWS API, this can be done, but requires some programming and json parsing knowledge.

    You would first retrieve a list of the roles in your environment to get the "id" values:  /configuration/roles

    Then you'd iterate through the list of id's to retrieve all of the configuration elements about the roles:  /configuration/roles/{id}?select=*

    This would give you a json object describing the role (members, administrative rights, access rights, security rights) that you could then look for a specific key/value pair representing the permission you are seeking to see if it is true or false.

    The easiest way to locate this key is to create a dummy role that just grants that permission, and use the second step (roles by id) to pull back the configuration on that.

    I know this isn't "easy" but i'd prefer spending a bit of time scripting this out to looking manually, and it could have a lot of further usecases when you eventually migrate off of the platform to extract future configuration requirements.

    Aaron Lael
    State of Utah - comments on this forum reflect my own personal opinions\observations and are separate from any entity I am otherwise involved in.

  • 3.  RE: Determining which role (or users) have certain Permission

    Posted 03-28-2024 11:45

    When you look at an object's permissions (Default, Role, Workgroup or User) you can see where those are inherited from.

    So if you create a dummy user, add all Roles (and Workgroup, if necessary) to it then look at the permission, you will see a list of everywhere it is being inherited from.


    Paul Simpson
    Views expressed are my own and do not necessarily reflect those of my employer.

Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources