Enforce User/Role Setup Inadequate
I am trying to setup profiles for users to remediate incidents and I want to restrict them to
A) Policies they are responsible for OR
B) Incidents caused by users in their business unit OR
C) Scans of their file shares
The way the role criteria work I can do all three - but I have to create three separate roles because the criteria are all "AND". There is no option to "OR" them. If I put them all on the same role then they don't see anything beacuse no incidents match all three criteria.
However if I give multiple roles to a user they then have to include a role in the login if they want anything other than the default role.
This all feels really clunky. Why can't the use jsut have all the privileges of their roles combined when they log on? Or even have the facility to switch roles while logged on would be better.
Am I the only person wh feel that the Enforce User/Role setup could do with some improvement?