Roles in the 1C:Enterprise system define users' authority to work with information being processed in the system. The set of powers granted to a user is generally defined by the scope of his duties.

Choosing roles for users serves two major purposes: on the one hand, it limits the number of users who have access to confidential information; on the other hand, it prevents possible loss of information by forbidding users from performing certain operations (mainly deleting and editing data).

All components of a configuration are closely interrelated, and generally require approval for changes (this applies especially to user rights).

Thus, roles can be assigned only for existing configuration objects (particular documents, journals, catalogs, or reports). The addition of an object to the configuration structure must be accompanied by appropriate role changes.

Commands that can be linked to elements of the user interface control particular configuration objects. Obviously, it makes no sense for the user interface to include commands for working with information to which the user does not have access.

Roles are edited in a special edit window.

To open editing window:
in the properties palette for the Rights property click the Open link

To set a cancel access rights for all the roles it is more convenient to use the All roles window that is opened by selecting the All roles command from the context menu of the Shared - Roles configuration object of the configuration object tree or for configuration root object.

1C:Enterprise Developer's Community