Audience: Administrators Edition : Enterprise
Overview
Administrators may want to assign users varying levels of access to OrgChart. Security Profiles allow admin to customize users' access privileges based on a defined set of criteria.
Security Profiles
OrgChart offers two main types of Security Profiles that Administrators can create and assign to users.
Row Level Security Profiles - Limit the fields a user can access on a row-by-row basis
Branch Level Security Profiles - Limit the sections of a chart that a user can access
Row Level Security
Administrators can limit which field values a user can access on a row-by-row basis by creating Row Level Security (RLS) profiles. This restriction applies to Excel outputs, boxes on the chart, the Profile, and all other occurrences of the field within the application.
Note
Row Level Security restrictions can impact the way template rules are applied to records. When configuring Views, ensure that you do not create rules using restricted fields. Otherwise, the View may not appear as expected.
Accessing Row Level Security Profiles
1. Click on the Settings button in the bottom right corner, and then select the Account Settings option from the list.
2. Navigate to the Security heading, under the Row Level Security section, click on Create security profile button.
Security Configuration Options:
In the Security Configuration panel, Administrators can set the conditions under which users assigned to the selected Row Level Security profile are allowed or restricted from viewing specific fields.
Profile Details |
Name : Name of the selected Row Level Security profile. Description : Description of the permissions set in the selected Row Level security profile. |
Rules |
Allowed Fields : When selected, only Fields added in the Fields section can be viewed. All other fields are restricted. Restricted Fields : When selected, Fields added in the Fields section cannot be viewed. All other fields are allowed. Conditional Rules : Conditional Security Rules allow Administrators to restrict field access for users based on specific Field Value Criteria. Reference the Conditional Row Level Security article for more information.
|
Fields |
Click to add Fields that are either allowed restricted. |
Assigning Row Level Security Profiles
In order to enable Row Level Security for a user, Administrators must assign a Row Level Security Profile to that user's Access Group.
1. Click on the Settings button in the bottom right corner, and then select the Account Settings option from the list.
2. Add a new access group, or hover over an existing access group, and click on the pencil icon.
3. Check the Row Level Security checkbox, and then select the Row Level Security profile you'd like to assign to users with this access group.
4. Click on Save to preserve your changes. Reference the Managing Users article for more information about how to assign access groups to users.
Branch Level Security
Administrators can limit which branches a user can access by creating Branch Level Security profiles.
Accessing Branch Level Security
1. Click on the Settings button in the bottom right corner, and then select the Account Settings option from the list.
2. Navigate to the Security heading, under the Row Level Security section, click on Create security profile button.
Branch Level Security options:
+Create security profile button | Create a new Branch Security Profile |
Mouse over to configure Branch Level Security profile. | |
Mouse over to copy the Branch Level Security profile. | |
Mouse over to delete the Branch Level Security profile. |
Security configuration options:
In the Security Configuration panel, Administrators can set the conditions under which users assigned to the selected Branch Level Security Profile are allowed to view specific branches.
Profile Details
Name : Name of the selected Branch Level Security Profile.
Description : Description of the permissions set in the selected Branch Level Security Profile.
Rule Configuration
The following options allow Administrators to define under what conditions users assigned to the selected Branch Level Security Profile are allowed to view specific branches:
+ Branch Rule | Add a branch security rule |
Branch pruning | Check to enable branch pruning, so that only records meeting the BLS profile criteria are displayed |
Self + Subordinates | Access permitted for a user and all records reporting to that user. Optionally, click + to specify how many levels above that user are accessible. |
Restrict to own branch | Access own branch defined by a specific field in your data set. |
Enumerate branches | Access only the branches whose name and IDs are selected in the Allowed Branches dropdown menu. |
Assigning Branch Level Security Profiles
In order to enable Row Level Security for a user, Administrators must assign a Row Level Security Profile to that user's Access Group.
1. Click on the Settings button in the bottom right corner, and then select the Account Settings option from the list.
2. Add a new access group, or hover over an existing access group, and click on the pencil icon.
3. Click on the Chart dropdown menu under the Chart Security heading, and select the base chart for which you'd like this Branch Level Security profile to apply.
Note
Branch Level Security is unique to each base chart. If a user has access to more than one base chart, switch the base chart using the Chart dropdown menu to verify the proper security settings are assigned.
4. Check the Branch level security checkbox, and then select a Branch Level Security profile from the dropdown menu.
5. Click on Save.
Comments
0 comments
Please sign in to leave a comment.