Changes

==Enabling Overview==The '''UTA Security Matrix '''feature in your [[SmartSimple]] [[instance]] allows you to restrict [[User|user]]'s interaction with the [[Universal Tracking Application|Universal Tracking Applications]] in your system and the associated [[entities]] with each application. The '''Security Matrix==Matrix '''allows you to define how users can interact with each level of the data in an application, based on the way that they need to interact with data. You must enable the '''Security Matrix '''and permission each [[User Role|role]] to have varying levels of accessibility to the [[Universal Tracking Application]]. 

Once you '''Note: '''You must have created your [[Universal Tracking Application]] you may want to restrict interaction with the [[Applications|application]] and the associated [[EntityGlobal User Administrator|entitiesSystem Administrator]]. In privileges in order to do this you will need to enable the the '''Security Matrix.''' feature.

You should only enable this feature when you ==Configuration - Essentials=====Enabling the Security Matrix===Your first step is to create the [[Universal Tracking Application|Universal Tracking Applications]] for your system. If and once these have completed the entire applicationalready been created, as it you may become very difficult then enable the '''Security Matrix '''feature to work with ensure that the application once this security is switched levels of access dependent on[[User Role|user role]] are properly secure and permissioned. 

The '''Security Matrix''' is configured from 1. Open the '''Configuration''' page{{UTA}} whose security you would like to permission.

12. Click the '''gear icon '''on the top left of the UTA page in order to enter its '''Configuration Settings.''' tab.

2. Click the :: [[File:UTA Settings - Security|Security tabconfiguration.png]]3. Click into the '''Security '''tab.

The '''Security Matrix''' setting is displayed in the 4. Toggle on the '''Enable Security SettingsMatrix '''option. 

[[Image:Uta1355.png]] 3. Click the A '''Enable Security MatrixMatrix ''' check boxhyperlink will then appear below. Click this hyperlink.

4:: [[File:UTA security matrix. Click png|500px|border]] <pre>As soon as the '''Save''' buttonSecurity Matrix is enabled, all users will lose all access to data within the application until the role-specific permissions are established.</pre>

===Setting Role-Based Security Permissions===The next step after clicking into the '''Security Matrix''' link hyperlink is added to the top of the ''''Security Settings''' windowspecifically choose which roles will have which security permissions with this {{UTA}}.

[[Image:Uta136.png]] As soon as the security matrix is enabledThe {{UTA}} '''Security Matrix''' page will appear with a top row of tabs that lead, chronologically, all [[User|users]] will lose all access to data within the application until security matrices of the permissions are established{{L1}}, {{L2}}, and {{L3}} entities in that UTA (if more than a {{L1}} entity is applicable).

5:: [[File:Security matrix grant manager 2019. Click png|thumb|none|800px|Grant Manager Security Matrix example, with tabs for L2, L2, and L3 entities]]In each security matrix is a list of the respective UTA [[User Role|user roles]], followed by these column headings: '''Access'Security Matrix'', '''Deny''', '''View''', '''Add''', '''Edit''', '''Delete''', and ''' linkAssign.'''

* The current view is for '''Two additional tabs''' are used to control security associated with the Contract levelActivity ({{l2}}) and Level 3 Activity levels.

* '''Two additional tabs''' are used to control security associated with the '''Activity''' and '''Action''' levels. For each [[Role|role]] that you have permissioned to access the application in the "[[ApplicationUTA_Settings_-_Security#Access_Role_Settings|applicationAccess Role Settings]], " the same set of options will be displayed at each level.

* '''Owner''' – Only a [[User|user]] in this [[Role|role]] associated through the “Owner” "Owner" standard field can perform the permissioned actions.* '''Assigned''' – Only [[User|users]] in this [[Role|role]] that are assigned to the item - either in the "Assigned" standard field or assigned as a contact with this role - can perform the permissioned actions.* '''AccountsOrganizations''' – Only [[User|users]] in this [[Role|role]] that are associated with organisations organizations assigned to this item can perform the permissioned actions. This is an indirect permission. For example, if you were to associate a company with a project and use this permission, then someone from that company with this [[Role|role]] would be able to perform the permissioned actions.* '''Person''' - Only [[User|users]] in this [[Role|role]] associated through the "Person" standard field can perform the permissioned actions.

The following five permission types * '''Deny''' - Users in this role are available:denied access to this item.

1[[Image:SecurityMatrixExample. Set the '''permissions''' as shown below:png|link=]]

[[Image:Uta138.png]] * All employees Employees can view all items.* Only the owner Employee assigned as the "Owner" of a given record can view, add, edit, delete and assign other peopleto that record.

The same set of [[Role|roles]] and permissions are displayed, but this time for the Level 2 {{l2}} items. [[Image:SecurityMatrixL2.png|link=]]

6. Repeat this process for '''Level 3 – ActionsActivities'''.

{{PrevNextStart}} [[Calculating Information between Levels]]{{PrevNextMid}} [[Reader Logs]]{{PrevNextEnd}}