Next, let us create the CEO role.
- Create a new Role configuration object named CEO.
It is fine with us that the new role does not have access rights for all the objects except for the configuration object types that do not have any objects created. For such configuration objects, full rights remain in effect.
- Ensure that the Output right is set for the root configuration object.
- Scroll through all the configuration object types and grant the View right for each object.
This also automatically sets the Read and Use rights.
- Expand the Common branch and then, in the Subsystems branch, grant the View right for all the subsystems.
This grants CEO the right to view all infobase data. Later you will use the command visibility by role settings to hide all the actions that are not related to the configuration applied logic from CEO's interface (fig. 22.3).
Fig. 22.3. Rights editor window for the CEO role
This completes the creation of the second role.