The interworks.cloud platform leverages its security component to govern the user access level both regarding module access rights and data visibility rights. This means that an administrator of the system can decide both the interworks.cloud platform funcionality (modules) that will be made available for a specific user and can even go as far as to limit the actual records the user will be available to see.
Create a New Permission Rule
You can create a permission rule to reflect the level of data visibility a user will have. Here's how:
- Navigate to BSS > Setup > Administration > Personal Setup > Permission Rules
- Click 'Add'
- Fill in the name of the new rule at the respective field
Select to which Modules the Rule Applies
In 'Modules Apply' you can define for which module records the rule can be used.
- Column 'Apply': Mark the entities you want to include into the rule
Column 'Default': Check the modules about which this rule will be the default one (e.g. when a user creates an entity this rule will be pre-selected in Permission Rule field).
You can have only one default rule for an entity.
If you have already a default rule for an entity and you create a new rule to be the default one, the system will autiomatically uncheck the default option from the old rule and it will keep it only in the new rule
Define to which Users / Groups the Permission Rule will Grant Access
The next step is to define which users / groups will be able to view the record that created using the permission rule. For each user / group tyou can also define what the type of access will have.
- Locate 'Users/Groups' section and click 'Add'
- Select the users or user groups you want. The selected users / groups will be inserted under the section.
- Define the type of access each user / group will have: read-only, edit or full access.
Define the Users that can Use the Rule
The last step is to define which user can use this rule when the create a new record.
- Select the 'Sharing' option
- Select the users / groups you want. Then select the access rights for the rule.
- View: The user will be able to use this rule he creates a new record but he will not be able to ammend the permision rule from BSS Setup area
- Write: The user will be able to use this rule when he creates a new record but he will also be able to ammend the permision rule from BSS Setup area
- Delete: The user will be able to use this rule when he creates a new record but he will also be able to ammend or delte the permision rule from BSS Setup area
- Compulsory. The user wll be able to use only this rule when he creates a record but he will not be able to ammend the permision rule from BSS Setup area.
Give edit / delete rights for the permission rule only to the admin user
We suggest the permission rules to be managed only from the admin user and the rest users to have only "Read-only" or "Compulsory" rights. With this approach you will be sure that the users cannot ammend the permission scheme your administrator defined.
Use the Compulsory option for all your users if possible
In order to be sure that your permission scheme will be enforced automatically by the system and not letting the users to bypass it, use the compulsory option for the majority of your users. Make an exception only for your senior managers that they probably have the need to either share a record to their team or only to the rest management team.
Table of Contents
- No labels