the easiest way would be if all the objects created w/ the other roles had an acl policy associated w/ them. then you could update the acl policy w/ the permissions you want role c to have on the objects.
if that's not the case, create smart groups in each workspace w/ a condition of role_created = whatever role and then do a bulk permission update (ideally add a acl policy so it's easier in the future). and modify the default opt for the existing roles so that new objects they create will allow access to role c.
Thank you Bill.
Actually, ACL Policies were not followed for some time in our environment and I guess that might not work.
I tried creating a Smart group with conditions like role_modified, role_created, role_executed etc. It does not list all the objects. The reason is that not all the objects might be created by Role A or Role B. Some objects might be created by Role X and Role A will have permissions to use them. So, this smart group is missing few objects. I am trying to get ACL Policy implemented properly in the environment. However, to get this implemented, Should I do anything else as well?
Well, if you make a smart group where it shows all objects – eg ‘name does not equal BLANK’ where BLANK is actually just a blank entry that will show all objects the role can see.