Assign User Permissions
Permissions are assigned to modules according to the user or user group.
There are also operations (columns) within modules that can be performed by every user. These operations are View, Create, Edit and Delete. That makes a sort of matrix where you need to enter the levels of permission in every cell for the performance of given operations in each module.
Levels of authorization
You can set whether the users from a given group will be able to perform the above mentioned operations (View, Create, Edit or Delete) and also you can set the range of items to which the permissions will be related.
It should be noted that if a user belongs to several groups (for example User and Administrator), he gets the combination of higher permissions from both groups. Our user, administrator, would have administrator permissions, i.e. permissions for all modules.
|
All items (ALL) |
Operations can be performed without restrictions (for example, sees all items from the current module) |
|
Items related to my Projects, Companies and Contacts (INHERITED) |
The execution of the operation is limited to the existence of a link between subordinate items (mostly activities) and superior items (projects, companies, contacts or opportunities) that the user is authorized to see, i.e. they see only those that are linked via tabs by a general link on the item detail (or are child items) to a project, company, opportunity or contact that they have the right to see. |
|
Items from the same group as me (GROUP) |
The operation is allowed only if the user is linked with the same category (group) as the item with which the user wants to work. This could mean that the user only sees items linked to the group to which the user belongs. |
|
Items related to me (RELATED) |
The user obtains permissions for items which are directly related to him. For example, theuser who is in a project team can write time sheets to this project. |
|
Only my items (OWN) |
The user has permissions only to the items which he created. For example, the user can only change a time sheet which he made himself. |
|
No items (NONE) |
No permission for any items. |
Example of Permission Use
Contacts can be sorted into two groups: Public and Private. Then you will sort the users into these groups and they will only see contacts from their group.
GROUP permission is assigned in the same way as other permissions. For example, if GROUP permissions are set in the group PM, the user will only see the items from this group which are related to the same category as the user. A permission doesn’t have to be assigned to a specific category, rather directly to a group to which other permissions have already been assigned.
If you have groups with similar permissions, you can simplify the permissions assign by their copying.