Group Access Rights
Location in standard build: Admin menu > User Access > Group Access > Click on the name of a user group
The Group Access Rights screen sets the permissions and access rights of a particular User Group.
Each Group has a screen with tabs and tick boxes, which controls that Group's access to the system.
How Group Access works
Each aspect of the system has a line on one of the tabs, with three (occasionally four) options associated with it.
- VIEW - is this Group allowed to view this aspect of the system?
- CREATE NEW - is this Group allowed to create instances of this aspect of the system? (explanation of this wording below)
- EDIT - is this Group allowed to edit existing ones?
- DELETE - if available, is this Group allowed to delete existing ones?
Exactly how these three (or four) options apply depends on the part of the system in question. It isn't possible to have a column heading which is generic enough to suit every usage of every part of the system. It's easier to look at it in terms of one particular line that you might be interested in. For example, the "Clients" line on the "Main Program" tab has three tick boxes available:
In this case the three columns mean -
- VIEW - is this Group allowed to view clients?
- CREATE NEW - is this Group allowed to create new clients?
- EDIT - is this Group allowed to edit existing clients?
As you can see, when the part of the system in question is some simple concept, like "Clients", it's easy to see what the three tick boxes do. By ticking different boxes you would be able to give a Group quite specific permissions. For example, by ticking the VIEW and CREATE NEW boxes for Clients, but not the EDIT box, users in this Group would be able to search for clients and view their details, and create new clients, but would not be able to edit existing clients.
Rob Kay - manual author (talk) 14:20, 22 August 2017 (BST)