If you have experience with the ICWS API, this can be done, but requires some programming and json parsing knowledge.
You would first retrieve a list of the roles in your environment to get the "id" values: /configuration/roles
Then you'd iterate through the list of id's to retrieve all of the configuration elements about the roles: /configuration/roles/{id}?select=*
This would give you a json object describing the role (members, administrative rights, access rights, security rights) that you could then look for a specific key/value pair representing the permission you are seeking to see if it is true or false.
The easiest way to locate this key is to create a dummy role that just grants that permission, and use the second step (roles by id) to pull back the configuration on that.
I know this isn't "easy" but i'd prefer spending a bit of time scripting this out to looking manually, and it could have a lot of further usecases when you eventually migrate off of the platform to extract future configuration requirements.
------------------------------
Aaron Lael
State of Utah - comments on this forum reflect my own personal opinions\observations and are separate from any entity I am otherwise involved in.
------------------------------
Original Message:
Sent: 03-27-2024 19:55
From: Anna Jhane Mulinyawe
Subject: Determining which role (or users) have certain Permission
Hi,
Is there a way to pull all roles that have a certain permission? We'd like to control who has access to the permission that allows users to delete evaluations and right now, we already have so may custom roles that it's challenging to trace by looking up each role. I've thought assigning all roles to myself but not that efficient still.
Thanks
AJ
#Reporting/Analytics
------------------------------
Anna Jhane Mulinyawe
SAFG Technologies, LLC
------------------------------