Smartstaff
282
edits
Changes
→Setting Role-Based Security Permissions
==Overview==
The '''UTA Security Matrix '''feature in your [[SmartSimple]] [[instance]] allows you to restrict [[User|user]]'s interaction with the [[Universal Tracking Application|Universal Tracking Applications]] in your system and the associated [[entities]] with each application. The '''Security Matrix '''allows you to define how users can interact with each level of the data in an application, based on the way that they need to interact with data. You must enable the '''Security Matrix '''and permission each [[User Role|role]] to have varying levels of accessibility to the [[Universal Tracking Application]].
'''Note: '''You must have [[Global User Administrator|System Administrator]] privileges in order to enable the '''Security Matrix.'''
2. Click the '''gear icon '''on the top left of the UTA page in order to enter its '''Configuration Settings.'''
:: [[File:UTA configuration.png]]
3. Click into the '''Security '''tab.
:: [[File:UTA security matrix.png|500px|border]]
<pre> As soon as the Security Matrix is enabled, all users will lose all access to data within the application until the role-specific permissions are established. </pre>
===Setting Role-Based Security Permissions===
The next step after clicking into the the '''Security Matrix Matrix'''hyperlink is to specifically choose which roles will have which security permissions with the this {{UTA}}. The {{UTA}} '''Security Matrix '''will appear with a top row of tabs that respectively lead to the security matrices of the {{L1}}, {{L2}} and {{L3}} entities in that UTA, if applicable. :: [[File:Security matrix l1l23 entity 2019.png|thumb|none|800px|Tabs in a Budget Manager UTA that lead to the security settings for different level entities.]]
The {{UTA}} '''Security Matrix''' page will appear with a top row of tabs that lead, chronologically, to the security matrices of the {{L1}}, {{L2}}, and {{L3}} entities in that UTA (if more than a {{L1}} entity is applicable).
:: [[File:Security matrix grant manager 2019.png|thumb|none|800px|Grant Manager Security Matrix example, with tabs for L2, L2, and L3 entities]]
In each security matrix is a list of the respective UTA [[User Role|user roles]], followed by these column headings: '''Access''', '''Deny''', '''View''', '''Add''', '''Edit''', '''Delete''', and '''Assign.'''
The Security Matrix window is displayed.
[[ImageFile:SecurityMatrixSecurity Matrix Example.png|link=800px|border]]
==How the Security Matrix works==
* '''Owner''' – Only a [[User|user]] in this [[Role|role]] associated through the "Owner" standard field can perform the permissioned actions.
* '''Assigned''' – Only [[User|users]] that are assigned to the item - either in the "Assigned" standard field or assigned as a contact with this role - can perform the permissioned actions.
* '''AccountsOrganizations''' – Only [[User|users]] in this [[Role|role]] that are associated with organisations organizations assigned to this item can perform the permissioned actions. This is an indirect permission. For example, if you were to associate a company with a project and use this permission, then someone from that company with this [[Role|role]] would be able to perform the permissioned actions.
* '''Person''' - Only [[User|users]] in this [[Role|role]] associated through the "Person" standard field can perform the permissioned actions.
