The Permissions function does the following:
- Allocates attributes to a Group through a pre-defined checkbox menu
- Allocates Groups to Organisations (which have been previously defined)
Important Note: A Group can consist of one or more individual users. If the Group consists of one user you will be effectively assigning usage permissions to that individual.
There are a large number of attributes that can be allocated to groups depending on which Group structure they belong to, that is: Power User, Communication User or Viewers. By default, all of the attributes are allocated. The example below shows the attributes for a Power User:
The remaining two user Groups have an attribute set that has been derived from the Power User as shown below, first the Communications User:
And finally the Viewer:
Important Note: There are two attributes that need special attention above and beyond all of the rest, these are:
View All Organisations – When checked this will allow any user in the group to view ALL parts of the organisational structure
Administer All Groups – When checked this will allow a Power User in the group to act as an Administrator for ALL defined groups
With the exception of the two attributes named above, all other attributes are self-explanatory.
Restricting View Access
The following example will demonstrate how to set up a Group to have access to only a small part of the total Organisational structure. Go to Administration and click on Groups. If you have already created a number of Groups with the default attribute set, you should see a screen that looks something like this:
Restricting View Access is a two-part process:
1. Modify the Group attributes to DENY access to ALL viewable areas
2. Use ‘View Organisation Permission’ to GRANT access to specific viewable areas.
Step 1 – Deny Access: click on the Group for which you want to restrict access. In our example we will restrict the Marketing Group. Click on Marketing, open the ‘Advanced Permissions For Group Members’ window and UNCHECK ‘View All Organisations’ like this:
Click Save to close the window.
Step 2. Grant Access: click on ‘View Organisation Permissions’ and select Marketing from the drop-down list. The organisation structure you created earlier will appear with two columns of check-boxes. It should look something like this:
You can now select which parts of the Organisation you want to grant view access to. Note: if you click on the ‘Cascade’ check-box it will include all of the sub-organisations to the right of the one you have clicked on. In this example we have included Intrafocus at the top-most level, Sales and everything below it and Marketing, click Save and the screen will look something like this:
The result of this action is to restrict the View of the all users in the Marketing Group to the top-level Intrafocus scorecard, all of the Sales scorecards and all of the Marketing scorecards. To illustrate, the following two views show:
An administrator with full viewable access:
The restricted viewable access of a user in the Marketing group: