diff --git a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.1-configure-roles.md b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.1-configure-roles.md
new file mode 100644
index 00000000..9c85f12d
--- /dev/null
+++ b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.1-configure-roles.md
@@ -0,0 +1,34 @@
+# 4.2.3.1 Configure roles
+
+OpenCRVS has a pre-configured set of user roles with various scopes, but you can change them to have any combination of scopes that you need. You can also create completely new roles. All of these roles are defined in the `roles.ts` file in the `src/data-seeding/roles` directory of the opencrvs-countryconfig repository. This particular file has a `roles` array that contains all the roles that will be available in your OpenCRVS instance. Now let's take a look at how we can define a new role:
+
+```typescript
+{
+ id: 'DATA_ENTRY_CLERK',
+ label: {
+ defaultMessage: 'Data entry clerk',
+ description: 'Name for user role data entry clerk',
+ id: 'userRole.dataEntryClerk'
+ },
+ scopes: [
+ SCOPES.RECORD_DECLARE_BIRTH,
+ SCOPES.RECORD_DECLARE_DEATH,
+ SCOPES.RECORD_DECLARE_MARRIAGE,
+ SCOPES.RECORD_SUBMIT_INCOMPLETE,
+ SCOPES.RECORD_SUBMIT_FOR_REVIEW,
+ SCOPES.SEARCH_BIRTH,
+ SCOPES.SEARCH_DEATH,
+ SCOPES.SEARCH_MARRIAGE
+ ]
+}
+```
+
+* The `id` field is the unique identifier for the role.
+* The `label` field can be used to configure how the role would show up in the application. A corresponding entry in the `client.csv` file for the id `userRole.dataEntryClerk` would need to be created to provide translations for the label.
+* The `scopes` field is an array of scopes that the role has access to. The `SCOPES` constant has all the available scopes that can be used in the system. More details on each scope is added in the next section.
+
+Adding this entry to the `roles` array in the `roles.ts` file will make the role available in the OpenCRVS instance.
+
+{% hint style="danger" %}
+If you are upgrading from a previous version of OpenCRVS, **Do not modify the existing roles** in the `roles.ts` file to make the upgrade backward compatible. Instead, add new roles if needed.
+{% endhint %}
diff --git a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-configure-role-titles.md b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-configure-role-titles.md
deleted file mode 100644
index bafb500a..00000000
--- a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-configure-role-titles.md
+++ /dev/null
@@ -1,42 +0,0 @@
-# 4.2.3.2 Configure role titles
-
-OpenCRVS has a pre-configured set of user roles with permissions, but you can name these roles anything you like.
-
-You need to prepare the initial role titles with translations in a csv file.
-
-Using our roles.csv file as an example, you create all the roles you need mapped to the built in systemRoles:
-
-| systemRole | label\_en | label\_fr |
-| ----------------------- | --------------------- | ------------------------------- |
-| FIELD\_AGENT | Police Officer | Officier de police |
-| FIELD\_AGENT | Social Worker | Travailleur social |
-| FIELD\_AGENT | Healthcare Worker | Personnel de santé |
-| FIELD\_AGENT | Local Leader | Leader local |
-| REGISTRATION\_AGENT | Registration Agent | Agent d'enregistrement |
-| LOCAL\_REGISTRAR | Local Registrar | Registraire local |
-| LOCAL\_SYSTEM\_ADMIN | Local System Admin | Administrateur système local |
-| NATIONAL\_SYSTEM\_ADMIN | National System Admin | Administrateur système national |
-| PERFORMANCE\_MANAGEMENT | Performance Manager | Gestion des performances |
-| NATIONAL\_REGISTRAR | National Registrar | Registraire national |
-
-{% hint style="danger" %}
-Do not change or re-format the header row as the code requires these names to be precise in order to parse the csv. Do not use commas in any cell and do not have any empty rows.
-{% endhint %}
-
-* Each row will represent a unique "role" in your country.
-* The **systemRole** column is the identifier for the available system roles in OpenCRVS. Values must be set to one of the following supported system roles only:
-
- FIELD\_AGENT
-
- REGISTRATION\_AGENT
-
- LOCAL\_REGISTRAR
-
- LOCAL\_SYSTEM\_ADMIN
-
- NATIONAL\_SYSTEM\_ADMIN
-
- NATIONAL\_REGISTRAR
-
- PERFORMANCE\_MANAGEMENT
-* The label columns should be duplicated according to the languages you wish to configure in your system.
diff --git a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-scopes.md b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-scopes.md
new file mode 100644
index 00000000..40749017
--- /dev/null
+++ b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.2-scopes.md
@@ -0,0 +1,56 @@
+# 4.2.3.2 Scopes
+
+|User Action Scope |Target version |Description |Action CTA |Impact on Client |CTA Location |Type |
+|------------------------------------------------|----------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------|------------------------------------------------------------------------------------------------------------------------|-----------------------------------------|------------|
+|record.declare-birth |1.7 https://github.com/opencrvs/opencrvs-core/issues/7419|This scope adds the Birth form option to the declaration form |Create declaration |Adds option to create a birth declaration |TopNav |Declare |
+| | | | | | |Declare |
+|record.declare-death |1.7 https://github.com/opencrvs/opencrvs-core/issues/7419|This scope adds the Death form option to the declaration form |Create declaration |Adds option to create a death declaration | |Declare |
+|record.declare-marriage |1.7 https://github.com/opencrvs/opencrvs-core/issues/7419|This scope adds the Marriage form option to the declaration form |Create declaration |Adds option to create a marriage declaration + filters list of place of event address fields | |Declare |
+|record.declare-birth:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7420 |Some users can only create declarations for events that occurred in their jurisdiction - this scope filters the place of birth administrative areas |Create declaration |Adds option to create a birth declaration + filters list of place of event health locations and community address fields| |Declare |
+|record.declare-death:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7420 |Some users can only create declarations for events that occurred in their jurisdiction - this scope filters the place of birth administrative areas |Create declaration |Adds option to create a death declaration + filters list of place of event health locations and community address fields| |Declare |
+|record.declare-marriage:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7420 |Some users can only create declarations for events that occurred in their jurisdiction - this scope filters the place of birth administrative areas |Create declaration |Adds option to create a marriage declaration | |Declare |
+|record.declaration-submit-incomplete |1.7 https://github.com/opencrvs/opencrvs-core/issues/7421 |Field Agents can currently send incomplete declarations. This scope lets this be configurable on/off |Submit incomplete |Uses the Send Incomplete declaration review footer variant |Declaration Review Page |Declare |
+|record.declaration-submit-for-review |1.7 https://github.com/opencrvs/opencrvs-core/issues/7421 |This scope is given to Field Agents type role. So they can send completed declarations to their assigned office. |Submit for review |Uses the Send Complete declaration review footer variant | |Declare |
+|record.declaration-submit-for-approval |1.7 https://github.com/opencrvs/opencrvs-core/issues/7421 |This scope is for a Registration Agent type role. Who sends a declaration to a Registrar who the. registers the record. This scope changed the status to Validated |Submit for approval | Adds Send for approval button on Declaration Review page |Declaration Review Page |Validate |
+|record.declaration-submit-for-updates |1.7 https://github.com/opencrvs/opencrvs-core/issues/7421 |This scope is for a Registration Agent type role. Who sends a declaration for updates if their are issued. This scope changed the status to Requires Updates |Submit for updates | Adds Send for rejection button on Declaration Review page |Declaration Review Page |Validate |
+|record.declaration-edit |1.7 https://github.com/opencrvs/opencrvs-core/issues/7422 |This scope adds the change links to a declaration ‘In review’, ‘Requires updates’. Some countries only allow the declaration to be updated by the original preparer/creator |Change |Adds change links to declaration review page |Action Menu |Validate |
+|record.review-duplicates |1.7 https://github.com/opencrvs/opencrvs-core/issues/7427 |This scope adds the option to review potential duplicates |Review |Adds review declaration if it is flagged as a potential duplicate to Action menu |Duplicate Review Page |Validate |
+|record.declaration-archive |1.7 https://github.com/opencrvs/opencrvs-core/issues/7427 |This scope lets a user archive a declaration. It changes the status to Archived |Archive declaration |Adds Archive option in the Action menu or Reinstate if archived |Action Menu |Validate |
+|record.register |1.7 https://github.com/opencrvs/opencrvs-core/issues/7421 |This scope allows a user to register a record. It adds the register button to the bottom of the review page |Register {event} |Uses Register Declaration Review footer variant |Declaration Review Page |Register |
+|record.export-records |1.7 https://github.com/opencrvs/opencrvs-core/issues/6948 |This scope allows a user to export a workqueue/search results. |Export |Adds Export option to workqueue and search results menu |Action Menu |Certify |
+|record.declaration-print |1.7 https://github.com/opencrvs/opencrvs-core/issues/6913|This scope allows a user to print a declaration |Print declaration |Adds ‘Print declaration’ or ‘Print record’ (if registered) to the action menu | |Certify |
+|record.declaration-print-supporting-documents |1.7 https://github.com/opencrvs/opencrvs-core/issues/6913|This scope allows a user to print all supporting documents |Print supporting documents|Adds Checkbox to Print declaration/record dialog confirmation | |Certify |
+|record.registration-print&issue-certified-copies|1.7 https://github.com/opencrvs/opencrvs-core/issues/2269 |This scope allows a user to print a certified copy |Print certified copy |Adds Print certified copy option to Action menu |Action Menu |Certify |
+|record.registration-request-correction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7434 |This scope allows a user to request a correction to a record |Request correction |Adds Request correction option to action menu |Action Menu |Correct |
+|record.registration-correct |1.7 https://github.com/opencrvs/opencrvs-core/issues/7434 |This scope allows a user to correct a record |Correct record |Adds Correct Record option to Action menu, or Review correction request if requested |Action Menu |Correct |
+|record.declaration-reinstate |1.7 https://github.com/opencrvs/opencrvs-core/issues/7427 |This scope lets a user reinstate an archived declaration. It changes the status to the previous status before it was Archived. |Reinstate declaration | | |Validate |
+|search.birth |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can search for birth records (shows the birth tab in the advanced search) - note if user does not have any search scope. Then the search field is hidden) |Search for record |Limits search to just birth records in their jurisdiction |Search Bar, Advanced Search Birth Tab |Search |
+|search.death |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can search for death records (shows the death tab in the advanced search) |Search for record | |Search Bar, Advanced Search Death Tab |Search |
+|search.marriage |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can search for marriage records (shows the marriage tab in the advanced search) |Search for record | |Search Bar, Advanced Search Marriage Tab|Search |
+|search.birth:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can only search for birth records in their jurisdiction |Search for record |Limits search to just birth records in their jurisdiction |Search Bar, Advanced Search Birth Tab |Search |
+|search.death:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can only search for death records in their jurisdiction |Search for record |Limits search to just death records in their jurisdiction |Search Bar, Advanced Search Death Tab |Search |
+|search.marriage:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/6909 |User can only search for marriage records in their jurisdiction |Search for record |Limits search to just marriage records in their jurisdiction |Search Bar, Advanced Search Marriage Tab |Search |
+| | | | | | |Search |
+|record.unassign-others |1.7 https://github.com/opencrvs/opencrvs-core/issues/7431 |This scope is to allow a user to unassign another user who is current assigned to the record. Currently the Registrar has this ability. |Unassign |Adds Unassign User option in Action Menu |Action Menu |Declare |
+|config.update:all |1.7 | | | |“External System” |Config |
+| | | | | | |Config |
+| | | | | | | |
+|organisation.read-locations:all |1.7 https://github.com/opencrvs/opencrvs-core/issues/7435 |This scope allows a user to navigate the Organisation and view all team office locations |Name of office |Adds Organisation menu option to left menu. Can view all office/location pages listing all assigned users | |Organisation|
+|organisation.read-locations:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7435 |This scope allows a user to navigate the Organisation and view all team office locations in my jurisdiction | | | |Organisation|
+|organisation.read-locations:my-office |1.7 https://github.com/opencrvs/opencrvs-core/issues/7435 |This scope allows a user to navigate the Organisation but only link to their own team office |My Office |Adds Organisation menu option to left menu. Adds My Office menu option to the left side menu | |Organisation|
+| | | | | | |Organisation|
+|user.create:all |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | |Create User |Adds create user button | |User |
+|user.create:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | |Create User | | |User |
+|user.update:all |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | |Edit User |Adds edit user option to action menu | |User |
+|user.update:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | |Edit User | | |User |
+|user.read:all |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | | | | |User |
+|user.read:my-jurisdiction |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | | | | |User |
+|user.read:my-office |1.7 https://github.com/opencrvs/opencrvs-core/issues/7436 | | | | |User |
+|user.read:only-my-audit | | | | | |User |
+| | | | | | |User |
+| | | | | | | |
+|profile.electronic-signature |1.7 https://github.com/opencrvs/opencrvs-core/issues/7432 |Adds the electronic signature capture in user creation and edit. In the future will enable the user to update their own electronic signature in their profile settings. |Electronic signature |Shows form filed ‘Electronic signature’ in user creation form |User creation/edit |Profile |
+|performance.read |1.7 https://github.com/opencrvs/opencrvs-core/issues/6261 | |Performance Management |Adds Performance Management menu in the left sidebar | |Performance |
+|performance.read-dashboards |1.7 https://github.com/opencrvs/opencrvs-core/issues/6261 | | | | |Performance |
+|performance.vital-statistics-export |1.7 https://github.com/opencrvs/opencrvs-core/issues/7433 |This scope allows a user to export vital statistics to csv |Vital Statistics Export |Adds the vital statistics left menu option | |Performance |
+
diff --git a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/3.2.3.1-prepare-source-file-for-test-employees.md b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.3-prepare-source-file-for-test-employees.md
similarity index 79%
rename from v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/3.2.3.1-prepare-source-file-for-test-employees.md
rename to v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.3-prepare-source-file-for-test-employees.md
index 46ea9517..9f2f7602 100644
--- a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/3.2.3.1-prepare-source-file-for-test-employees.md
+++ b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/4.2.3.3-prepare-source-file-for-test-employees.md
@@ -30,7 +30,7 @@ In production, the National System Administrator user will use the OpenCRVS UI t
Using our [default-employees.csv](https://github.com/opencrvs/opencrvs-countryconfig/blob/develop/src/data-seeding/employees/source/default-employees.csv) file as an example, you can create employees with all possible roles to quality assure your OpenCRVS instance, or just a single National System Admin role. Our deafult-employees.csv file looks like this:
-| primaryOfficeId | givenNames | familyName | systemRole | role | mobile | username | email | password |
|---|
| CRVS_OFFICE_JWMRGwDBXK | Kalusha | Bwalya | FIELD_AGENT | Social Worker | 0911111111 | k.bwalya | kalushabwalya@gmail.com | test |
| CRVS_OFFICE_JWMRGwDBXK | Felix | Katongo | REGISTRATION_AGENT | Registration Agent | 0922222222 | f.katongo | felixkatongo@gmail.com | test |
| CRVS_OFFICE_JWMRGwDBXK | Kennedy | Mweene | LOCAL_REGISTRAR | Local Registrar | 0933333333 | k.mweene | kennedymweene@gmail.com | test |
+| primaryOfficeId | givenNames | familyName | role | mobile | username | email | password |
|---|
| CRVS_OFFICE_JWMRGwDBXK | Kalusha | Bwalya | SOCIAL_WORKER | 0911111111 | k.bwalya | kalushabwalya@gmail.com | test |
| CRVS_OFFICE_JWMRGwDBXK | Felix | Katongo | REGISTRATION_AGENT | 0922222222 | f.katongo | felixkatongo@gmail.com | test |
| CRVS_OFFICE_JWMRGwDBXK | Kennedy | Mweene | LOCAL_REGISTRAR | 0933333333 | k.mweene | kennedymweene@gmail.com | test |
{% hint style="danger" %}
Do not change or re-format the header row as the code requires these names to be precise in order to parse the csv. Do not use commas in any cell and do not have any empty rows.
@@ -40,23 +40,7 @@ Do not change or re-format the header row as the code requires these names to be
* The **primaryOfficeId** column is the identifier for the civil registration office where the user will be located. Notice that the format is "CRVS\_OFFICE\_\". For example, all of these users aove will be created in Ibombo District Office
* The **givenNames** column must be the users' first names separated by using a space.
* The **familyName** column must be the users' first names separated by using a space.
-* The **systemRole** column must be set to one of the following supported system roles only, and this defines user permissions:
-
-FIELD\_AGENT
-
-REGISTRATION\_AGENT
-
-LOCAL\_REGISTRAR
-
-LOCAL\_SYSTEM\_ADMIN
-
-NATIONAL\_SYSTEM\_ADMIN
-
-NATIONAL\_REGISTRAR
-
-PERFORMANCE\_MANAGEMENT
-
-* The **role** column can be any text value to represent the public facing role title for this individual. Role title configuration is explained in the next section.
+* The **role** column must be set to one of the id's from the `roles.ts` file.
* The **mobile** column must contain a mobile number **without** your country code. Ensure that the mobile number validates using whatever phone number regular expression that you intend to use when configuring application settings later. You can ignore this if you are not using phone numbers as a method of communication.
* The **username** column must be a unique username that the user will use to authenticate with when logging in.
* The **email** column must contain a valid email address
diff --git a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/README.md b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/README.md
index e422ad1f..e8fcd1e6 100644
--- a/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/README.md
+++ b/v1.7.0/setup/3.-installation/3.2-set-up-your-own-country-configuration/3.2.4-set-up-employees-for-testing-or-production/README.md
@@ -4,7 +4,7 @@
The next step is for you to set up some employees that have access to your development or production OpenCRVS instance.
-You can also configure custom role titles to match each of the built-in OpenCRVS system roles.
+You can also configure the available roles in the system or create completely new ones by combining various scopes to match the needs of your country. More on this in the next section.
For demo and development purposes, we have created some example employees in our Farajaland repo. A test employee setup like this allows you to perform all quality assurance activities you may wish to perform. The setup includes all the user roles located in 3 separate offices and are documented in the main README of our opencrvs-core Git repository. But you should never use this list of test employees in production.