Difference between revisions of "Group Access Rights"
m (→Introduction) |
|||
Line 15: | Line 15: | ||
− | + | To edit an existing group click on the group name or click the 'Create New Group' button to create a new group. | |
− | + | On the page that follows you can copy the settings from another group and/or edit the access: | |
+ | At the top of the page you will find a filter box if you wish to locate a specific option. | ||
[[File:cl_GAR_3.png|border]] | [[File:cl_GAR_3.png|border]] |
Revision as of 14:28, 9 May 2018
Introduction
Group Access is a key component to specify what users can do and the pages/records they can access within the system. The access rights will control what menus are available to a user and even which controls (buttons) are available. If a user does not have access to a page and they try to visit it with a bookmark they will be presented an Access Denied message.
Any one that is in a group that has access to group access will be classed as an administrator. Administrators are able to change all settings through out the system and have access to all data. If you restrict their access they will still be able to go into Group Access to change this.
Group Access can also be used to tailor a users screen, the less they have access to the less they will see. Normally you would thick of groups based around your projects and services. It is also recommended to have a group for old users (with no access granted) so that you can control who has access easier.
Each group will show the number of users in that group, by pointing to it you will be displayed a list of users. To access these users displayed click on the link (number of users). If there are no users in the group it can be removed bye clicking the 'Dust Bin' icon. To add new users this is done via their User Record.
To edit an existing group click on the group name or click the 'Create New Group' button to create a new group.
On the page that follows you can copy the settings from another group and/or edit the access:
At the top of the page you will find a filter box if you wish to locate a specific option.
How Group Access works
Each aspect of the system has a line on one of the tabs, with three (occasionally four) options associated with it.
- VIEW - is this Group allowed to view this aspect of the system?
- CREATE NEW - is this Group allowed to create instances of this aspect of the system? (explanation of this wording below)
- EDIT - is this Group allowed to edit existing ones?
- DELETE - if available, is this Group allowed to delete existing ones?
Exactly how these three (or four) options apply depends on the part of the system in question. It isn't possible to have a column heading which is generic enough to suit every usage of every part of the system. It's easier to look at it in terms of one particular line that you might be interested in. For example, the "Clients" line on the "Main Program" tab has three tick boxes available:
In this case the three columns mean -
- VIEW - is this Group allowed to view clients?
- CREATE NEW - is this Group allowed to create new clients?
- EDIT - is this Group allowed to edit existing clients?
As you can see, when the part of the system in question is some simple concept, like "Clients", it's easy to see what the three tick boxes do. By ticking different boxes you would be able to give a Group quite specific permissions. For example, by ticking the VIEW and CREATE NEW boxes for Clients, but not the EDIT box, users in this Group would be able to search for clients and view their details, and create new clients, but would not be able to edit existing clients.
Rob Kay - manual author (talk) 14:20, 22 August 2017 (BST)