Permission can be granted to a role to allow access to specific program objects of the system. Along with permission to access a program object,  permission can then be granted to create, modify or delete data in that object.

To specify which program objects, menus and JSPs (web pages or sessions) a role is allowed to view:

1. Using the Advanced menu, click System Admin > Role Management > Role Authorization.
2. Select the Role.
3. Click Assign Objects.
   
   
   
   
4. Using the Assign Objects to Role screen, select objects from the right hand list by:

• Clicking the selection boxes in front of desired objects, then clicking Add All Selected. 
• Or by individually clicking the <<Add for each object.
• Each object selected is now in the left hand list.

To define create, update, delete or read only access for an object: 

• If no boxes are selected, permission is granted for read-only.
• Read only is the default setting when an object is granted to a role. 
• If the box is selected in the Create column, permission is granted to allow the user to create a new record.
• If the box is selected in the Update column, permission is granted to allow the user to update an existing record.
• If the box is selected in the Delete column, permission is granted to allow the user to delete an existing record.
• If all boxes are selected, permission is granted to create, update and delete.

Once all permissions have been defined by checking the appropriate boxes, click Save CRUD Changes.