Difference between revisions of "Access Control"

From CollectiveAccess Documentation
Jump to: navigation, search
(Blanked the page)
Line 1: Line 1:
'''CREATING LOGINS
 
'''
 
*Under the Manage menu, select ''Access control''
 
*Select ''+New user''
 
 
[[File:Full_access.png]]
 
  
*Next, enter the basic info about the account:
 
**Make sure to click ''Account is activated''
 
 
[[File:Access_basic.png]]
 
 
*''User class'' determines if the login is used for the front-end (Pawtucket) or back-end (Providence)
 
**Full access – both front and back-end
 
**Public access – front-end only
 
**Deleted – access is deactivated, but a user’s logs are still viewable
 
*Switch the "Show [full-access] users" drop-down on the ''User logins'' screen to toggle between user classes
 
 
 
'''ROLES'''
 
*Each login should have a role assignment.
 
*To define roles, navigate to ''Access roles''
 
 
*To view the permissions set in a default role, click the edit icon
 
*There are two components to roles: Actions and Metadata access
 
**Actions define system privileges of various types
 
**Metadata access defines whether a user has “no access”, “read-only access” or “read/edit access” on a per-field basis
 
*To see a definition of a specific action, mouse over and hover on the action name.  A description will appear
 
 
[[File:Action_access.png]]
 
[[File:Metadata_access.png]]
 
 
*To create a new role, click ''+New role'' under ''Access roles''
 
 
 
'''GROUPS'''
 
*To create a new group, click on ''+New group'' under ''User groups''
 
*Groups allow you to lump users into buckets for the purpose of sharing forms, sets, and displays.  Access to records can also be granted per user or per group
 
*After you define your group you can add users and assign the group a role
 
**Navigate to ''User logins'', click Edit for a login and apply a group via the ''Group'' menu
 
 
 
'''RECORD LEVEL ACCESS'''
 
 
*Access to a record can be granted or denied on a user or group basis
 
**Access is defined as ''no access'', ''can read'', ''can edit'' and ''can edit + delete''
 
*Add rules via the ''Exceptions'' area of the screen
 
 
[[File:Record_access.png]]
 
 
*Remember to press Save to commit your access changes
 
*Currently, ''Global Access'' and ''Exceptions'' pertain only to back-end access
 
*To suppress a record from view on the front-end, change the value of the ''Access'' drop-down
 
**The ''Access'' drop-down is a hard-coded field and it lives on a user-defined screen, rather than the Access screen
 
 
[[File:Pawtucket_access.png]]
 
 
[[Category:Users_Guide]]
 

Revision as of 19:16, 25 October 2012

Namespaces

Variants
Actions
Navigation
Tools
User
Personal tools