1. Determine if the feature can be accessed by a user who is a System Administrator. If yes, continue to step 2 and if not, Contact Support and reference this article.
2. Determine if the feature can be accessed by the user if you add them to an ‘All Rights Granted’ System Role. An 'All Rights' System role is just a system role with every possible feature permission granted. If yes, continue to step 3 and if not, Contact Support and reference this article.
3. After you determine that the feature is accessible when the user is assigned to an ‘All Rights Granted’ System Role, begin removing feature permissions by section until you have removed access to the feature in question. This will determine which section the specific feature is within.
4. After finding the section that contains the feature in question, add each feature permission one-by-one until the feature is again available for the user to access.
5. Once you’ve determined the specific feature(s) that the user needs to have access granted, remove them from the ‘All Rights Granted’ System Role, and either add or edit an existing role and assign them to it with the new feature marked as granted.
Key Points to Security Permission Issues:
• Outside of Site Security and Constituent Security, a user’s rights are determined by the System Role(s) they are a member of.
• If the issue is in any way related to Code Table entries, Batch Types, Attributes, Smart Fields, or KPIs; check the different tabs of the System Role record(s) that the user is a member of. Specific instance rights associated with these types of components have their own tabs on the System Role itself (as well as specific feature permissions, for example, a user much has feature access to KPIs, as well has have the KPI assigned on the KPIs tab.
• All other components are included on the Features tab of a System Role.
• Tasks are navigational elements, so they are not secured in the same way as the actual feature permissions.
• If no features within a particular task are granted for a role, then even if the task is specifically granted to the role, it will not be visible to the users in that role.