[GH-ISSUE #2308] Feature Request: Duplicate / Clone Role #3372

New issue

Open

opened 2026-03-14 07:13:26 +03:00 by kerem · 0 comments

kerem commented

2026-03-14 07:13:26 +03:00

Owner

Originally created by @hti-un on GitHub (Oct 9, 2025).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/2308

Summary
Add a feature to duplicate an existing Role, including all its permissions and site/client assignments, so that new roles can be created more efficiently without manually re-selecting each permission.

Current Behavior

At the moment, when creating a new Role, all permissions must be selected manually.
This is time-consuming and error-prone, especially in environments with fine-grained access control or multiple similar roles (for example “Technician”, “Technician-Limited”, “Read-Only”).

Proposed Solution

Introduce a “Duplicate Role” or “Clone Role” option in the Roles management view.

Possible implementation ideas:

A button next to each existing Role, labeled “Duplicate” or “Clone”.
When clicked, a dialog prompts for the new Role name.
The new Role is created with identical permissions and assigned sites/clients.
Optionally, include a checkbox to exclude site/client assignments if not desired.
Ensure the new Role is immediately editable after creation.

Additional Suggestions

Audit Log: Record the duplication event (“Role X duplicated as Role Y by user Z”).
API Support: Expose this feature via the API endpoint to allow automation or scripted provisioning.
Validation: If certain site/client references no longer exist, warn or skip them gracefully.

Benefits

Greatly reduces admin overhead when managing complex permission setups.
Avoids human error when reproducing similar roles.
Encourages more consistent role design and security structure.
Useful for MSPs and larger deployments with repeating role patterns.

Example Use Cases

Create a “Technician-Limited” role by cloning “Technician” and then revoking a few specific permissions.
Create per-client roles that share most permissions but differ in scope.
Quickly rebuild roles when migrating or restructuring permission sets.

Labels

enhancement, feature request, permissions, roles

References

Related issues:

#1974 (User and Role restrictions)

Originally created by @hti-un on GitHub (Oct 9, 2025). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/2308 **Summary** Add a feature to **duplicate an existing Role**, including all its permissions and site/client assignments, so that new roles can be created more efficiently without manually re-selecting each permission. --- ### Current Behavior At the moment, when creating a new Role, all permissions must be selected manually. This is time-consuming and error-prone, especially in environments with fine-grained access control or multiple similar roles (for example “Technician”, “Technician-Limited”, “Read-Only”). --- ### Proposed Solution Introduce a **“Duplicate Role”** or **“Clone Role”** option in the Roles management view. **Possible implementation ideas:** 1. A button next to each existing Role, labeled “Duplicate” or “Clone”. 2. When clicked, a dialog prompts for the new Role name. 3. The new Role is created with identical permissions and assigned sites/clients. 4. Optionally, include a checkbox to exclude site/client assignments if not desired. 5. Ensure the new Role is immediately editable after creation. --- ### Additional Suggestions - **Audit Log:** Record the duplication event (“Role X duplicated as Role Y by user Z”). - **API Support:** Expose this feature via the API endpoint to allow automation or scripted provisioning. - **Validation:** If certain site/client references no longer exist, warn or skip them gracefully. --- ### Benefits - Greatly reduces admin overhead when managing complex permission setups. - Avoids human error when reproducing similar roles. - Encourages more consistent role design and security structure. - Useful for MSPs and larger deployments with repeating role patterns. --- ### Example Use Cases - Create a “Technician-Limited” role by cloning “Technician” and then revoking a few specific permissions. - Create per-client roles that share most permissions but differ in scope. - Quickly rebuild roles when migrating or restructuring permission sets. --- ### Labels `enhancement`, `feature request`, `permissions`, `roles` --- ### References Related issues: - #1974 (User and Role restrictions)