User role in 2.30: default/greyed authorities

Dear all,
We are currently migrating to 2.30.
In the new User App, when you create a new user role, some authorities (some among “Delete”!) are ticked by default, and grey so that you can not touch them. It is even in the screenshot of the documentation files:

I really can’t understand why. Are all those authorities activated? Or conversely they don’t “exist” and that’s why they are greyed? This is not explained in the documentation.

1 Like


this seems weird to me. For 2.30, there is no specific authority to delete, for example dashboard, so by first glance this appears to be a bug.

Maybe @morten or @Lars are able to confirm.


Happy to report it on JIRA if you confirm this is a bug. :slight_smile:


Hey Lise,

this is in fact intentional and the idea is that for the analytical favorites (report table, chart, map etc), the authority to create private objects, update and delete private objects are granted to all users. In other words, you are allowed to create, update and delete your own charts. This is by design to encourage data use.

The ability to create public favorites/charts can be controlled by granting the create public authority.

Hope this explains it and let us know if things are still unclear :wink:

best regards,



Oops! I just saw your answer, Lars.
Actually, I now understand better when thinking about how roles are usually defined in DHIS2 (defining the function of the user). In our case, we chose to define “micro-roles” which are the finest group of authorities to do a concrete task (aggregate data entry, aggregated data use, …). And there it was very confusing to see these authorities greyed out for micro-roles which have nothing to do with the micro-role itself; We should be able to cope with this then.
Have a good day,