Group Access Rights
Contents
Introduction
Group Access is a key component to specify what users can do and the pages/records they can access within the system. The access rights will control what menus are available to a user and even which controls (buttons) are available. If a user does not have access to a page and they try to visit it with a bookmark they will be presented an Access Denied message.
Any one that is in a group that has access to group access will be classed as an administrator. Administrators are able to change all settings through out the system and have access to all data. If you restrict their access they will still be able to go into Group Access to change this.
Group Access can also be used to tailor a users screen, the less they have access to the less they will see. Normally you would thick of groups based around your projects and services. It is also recommended to have a group for old users (with no access granted) so that you can control who has access easier.
Each group will show the number of users in that group, by pointing to it you will be displayed a list of users. To access these users displayed click on the link (number of users). If there are no users in the group it can be removed bye clicking the 'Dust Bin' icon. To add new users this is done via their User Record.
Creating/Editing a group
To edit an existing group click on the group name or click the 'Create New Group' button to create a new group.
On the page that follows you can copy the settings from another group and/or edit the access:
At the top of the page you will find a filter box if you wish to locate a specific option.
Group Options Tab
- Group name - The name of the group, this should represent the type of users assigned to this group.
- Group Email - You can specify a group email address, this is used when the users have no email address specified on their record.
- Group can control own password recovery? - This allows the users to change their own passwords.
- Group terminology for "Roster Workers" - Allows you to specify which of the Roster Module terminology groups are used for the users of this group.
- Allow copying of previous travel time and mileage when completing work schedules? - This displays an option to copy Job Card travel details when completing Roster Job Cards.
- Allow RaC entry directly from Action List? - Displays an update button on the Actions List for outstanding actions.
- Group has visibility of all uploaded documents? - Allows the group to be able to access all uploaded documents irrespective of the security set on the document.
- Group has visibility of all letter templates? - Allows the group to be able to access all letter templates irrespective of the security set on the document.
- Group can always view private notes? - Allows the group to be able to access all private notes irrespective of the security set on the document.
- Group can see Org/Person names? - Specifies if the Person/org name is displayed at the top of the record.
Group Users Tab
This tab displays a list of the users in this group. You can click the user to access their account.
Main Program Tab
This tab controls the access to the main parts of the system. There will be five columns displayed:
- Option - Name of the option that is controlled by the access rights.
- View/Access - This access right will enable the users of the group view or access the page or area of the option selected.
- Create New This access right specifies the users of the group can create new for the option selected.
- Edit - Allows the users of the group to edit the option selected.
Administration Tab
This tab controls the access to the main parts of the system. There will be five columns displayed:
- Option - Name of the option that is controlled by the access rights.
- View/Access - This access right will enable the users of the group view or access the page or area of the option selected.
- Create New This access right specifies the users of the group can create new for the option selected.
- Edit - Allows the users of the group to edit the option selected.
Security Tab
This tab controls the access to the main parts of the system. There will be five columns displayed:
- Option - Name of the option that is controlled by the access rights.
- View/Access - This access right will enable the users of the group view or access the page or area of the option selected.
- Create New This access right specifies the users of the group can create new for the option selected.
- Edit - Allows the users of the group to edit the option selected.
Reporting Tab
This tab controls the access to the main parts of the system. There will be five columns displayed:
- Option - Name of the option that is controlled by the access rights.
- View/Access - This access right will enable the users of the group view or access the page or area of the option selected.
- Create New This access right specifies the users of the group can create new for the option selected.
- Edit - Allows the users of the group to edit the option selected.
How Group Access works
Each aspect of the system has a line on one of the tabs, with three (occasionally four) options associated with it.
- VIEW - is this Group allowed to view this aspect of the system?
- CREATE NEW - is this Group allowed to create instances of this aspect of the system? (explanation of this wording below)
- EDIT - is this Group allowed to edit existing ones?
- DELETE - if available, is this Group allowed to delete existing ones?
Exactly how these three (or four) options apply depends on the part of the system in question. It isn't possible to have a column heading which is generic enough to suit every usage of every part of the system. It's easier to look at it in terms of one particular line that you might be interested in. For example, the "Clients" line on the "Main Program" tab has three tick boxes available:
In this case the three columns mean -
- VIEW - is this Group allowed to view clients?
- CREATE NEW - is this Group allowed to create new clients?
- EDIT - is this Group allowed to edit existing clients?
As you can see, when the part of the system in question is some simple concept, like "Clients", it's easy to see what the three tick boxes do. By ticking different boxes you would be able to give a Group quite specific permissions. For example, by ticking the VIEW and CREATE NEW boxes for Clients, but not the EDIT box, users in this Group would be able to search for clients and view their details, and create new clients, but would not be able to edit existing clients.
Rob Kay - manual author (talk) 14:20, 22 August 2017 (BST)