Security permissions can be defined by roles, which allow staff to have the appropriate rights only while acting in a specific role associated with a work object.
Security permissions can also be defined by security groups to which the staff is assigned, which allow staff to have rights to the work object regardless of their role.
To update group functional rights, do the following:
Open Dashboard, click Application Links on the navigation panel, and then click Security groups under Security.
Do one of the following to display the security group profile for review or editing purposes:
Select a group in the grid and click Open in the Edit group on the Home tab.
Right-click an item in the grid and select an option from the Open sub-menu.
Click Functional rights on the navigation panel.
Select the appropriate option for each product in the grid.
The functional right assignment can be one of the following:
Undefined. Access is not yet assigned.
Granted. Access is allowed.
Never allow. Restricts all access, including any inherited access. This keeps the users assigned to the security group from performing the function even when the same users are members of another security group or assigned a role that has been granted the same permission.
A tab with the name of each product licensed by the firm displays in the grid. When a tab is selected, the list area in each column refreshes to show the rights for the selected tab.
Module/Function Description
This column includes the names of the modules and their functions for the selected product.
For some product modules, the functions are broken down into multiple levels of subordinate functions. For example, Staff Manager and Client Manager will allow Security to be defined all the way down to the field level.
This column is used to specify whether the staff inheriting the rights of the role will be able to add a record for the selected function such as adding a staff profile.
Note: Selecting Grant for the Add column also displays this value in the Edit/Perform and View columns and cannot be edited, unless those columns previously had a value of N/A.
Edit/Perform
This column is used to specify whether the staff inheriting the rights of the role will be able to edit a record or perform a function.
Note: Selecting Grant for the Edit/Perform column also displays this value in the View column and cannot be edited.
View
This column is used to specify whether the staff inheriting the rights of the role will be able to view the data as specified by the function description. For example, the right to view client profiles.
Note: Selecting Grant for the Add or Edit/Perform columns also displays this value in the View column and cannot be edited.
Delete
This column is used to specify whether the staff inheriting the rights of the role will be able to delete the data as specified by the function description. For example, the right to delete client profiles.
Role-related
This column displays a check mark for any rights that should be given to staff only when they are acting in roles rather than in the security groups.
Grant All
When selected, all rights in the selected product are changed to Grant.
Clear All
When selected, all rights in the selected product are changed to N/A.
Saves the changes and the window stays open for editing. An error message displays if you click this button before entering all required information.
Save & New
Saves the changes and opens a new window to create a new entry. An error message displays if you click this button before entering all required information.
Save & Close
Saves the changes and exits the window. An error message displays if you click this button before entering all required information.