Difference between revisions of "Global User Administrator"
Line 61: | Line 61: | ||
:: [[File:GUA enable security.png|900px|border]] | :: [[File:GUA enable security.png|900px|border]] | ||
+ | ===Other Permissions=== | ||
+ | The '''SysAdmin '''role should also be permissioned to have more functionality in the system - for example, you should ensure that the role has the ability to set, activate, set password, and edit email addresses of all other people in the system. | ||
+ | |||
+ | Click on the 9-square menu icon '''> ''''''Global Settings > ''''''Roles and Security > User Roles '''to permission the '''SysAdmin '''role more. | ||
==See Also== | ==See Also== |
Revision as of 14:56, 3 July 2019
Contents
Overview
The Global User Administrator, also known as the System Administrator, is a User who controls the entire organisation hierarchy within the copy of SmartSimple and is able to perform the following functions:
- Manage system security.
- Manage email Integration.
- Manage the JSON API functions.
- Create additional users at any level – including additional Global User Administrators.
- Create new sub-organisations.
- Subscribe organisations to SmartSimple application programs.
- Upload organisation and contact information (either internal or external organisations).
- Define custom fields for any SmartSimple object.
- Create roles and collaborative workflows.
Notes
- As a security feature, whenever a new Global User Administrator is created, all other Global User Administrators within that copy of SmartSimple will receive an e-mail notification of the new administrator.
- If your user type is Global User Administrator you will see all items on menu icon ('Display Menu Icon' option in role configuration). All selected/deselected items in 'Menu Items' will be ignored as you are Global User Administrator and you will see all items on the left-hand panel.
Enabling or Disabling System Administrator Privileges
In order for a user to have SysAdmin privileges, they must have their role set to System Administrator.
If a user does not already have SysAdmin privileges, you can always add them into that role by following these steps:
1. Access the profile of the user who you want to associate a SysAdmin role to.
2. Click on the Options button on the top left row of buttons; this will enable a drop down menu.
3. Under the subheading Properties, click Roles and Access.
4. On the right of the first line will be a toggle on/off function labelled Global Administrator.
By toggling on this option, you are providing this user with Global User Administrator privileges.
By toggling off this option, you are removing them from the Global User Administrator role.
5. Click Save to ensure that the role has been added or removed.
Security Permissions for System Administrators
In addition to enabling the Global User Administrator using the toggle on/off option from the specific user profile, you must also ensure that the System Administrator role in your system has the appropriate security permissions.
1. Click on the 9-square menu icon on the top right of your page.
2. Under the heading Configuration, select Global Settings.
3. Click on the tab labelled Security.
4. Click on the hyperlink Security Matrix.
5. For the Organization tab, scroll down the list of user roles until you find the System Administrator role. Click into it.
Check the following options for access and permissions under each row that mentions All: View, Edit, Add, Delete and Lookup.
6. Click into the User tab and repeat step 5.
7. Click Save when you are done.
- When you have permissioned the security matrix for a role, there should be a green check mark next to the role name on the left-hand list. This way you can remember which roles have or haven't been given access to system features; this is also where you can check if a user role finds out they don't have access to something that they should.
Your security matrix for a SysAdmin should consequently look something like this:
Other Permissions
The SysAdmin role should also be permissioned to have more functionality in the system - for example, you should ensure that the role has the ability to set, activate, set password, and edit email addresses of all other people in the system.
Click on the 9-square menu icon > 'Global Settings > 'Roles and Security > User Roles to permission the SysAdmin role more.