ShareVision Security and Permissions

Overview

Role Based Security

An understanding of Security and Permissions is fundamentally important. This knowledge base article is to help you understand the fundamentals so you can choose how best to set up security on your site.

ShareVision Security and Permissions is role based. Roles are groups of users. Roles can have specific permissions applied.

Users in the Site Administrators role have access to everything in the front end and in the administration back end. This access is granted through role permissions. The role permission details of the Site Administrators role cannot viewed or edited; the permissions are set by ShareVision.

All other roles only have access to the front end.

All users of the site are added to the Staff Role, which grants them access to the home page, the client portal and the services portal.

Managers Role has been granted access to the contacts portal and reports portal.

Only Site Administrators Role has access to the Administration Portal. This portal can be used to grant non-site administrators access to some of the features found in the administrative back end. Review the Administrative Portal Knowledge Base Article.

Throughout ShareVision the role Site Administrators is automatically added by default. That is true when setting up security for services and clients, and for portals pages and page parts. Site Administrator role assumes access to everything.

Services

Services are the programs that you offer to clients. Before you add services or sometime early on in the setup of your ShareVision site, you need to decide on what security model you are going to use. Do you need set permissions on services so your staff can only see the services that they work at? Or do all staff see all services?

Go to the Add Services Knowledge Base Article for details on how to add services using the security model that works for you.

Users

Users are the staff who work for your agency. Ideally you should add your staff users prior to adding services as described below. Review the Users Knowledge Base Article.

Clients

Clients are the people that you provide services to. Do you want to limit permissions so staff can only see the clients that they actively work with? Do they actively work with all clients in a Service, or do they only work with clients that they are assigned to? i.e. an Assigned Worker?

Clients are added from the Clients Portal. A link to “Add Client” is available on that page to users who are in the Role Site Administrators. It is possible to edit permissions to expand who can add new clients, but it should be limited to those who play an administrative role.

Portals, Pages and Page Parts

Each component of the front end of Simply ShareVision is controlled by permissions. You can grant roles access to a portal, and then fine tune the access to pages and page parts within the portal. For example, permissions to the Home Portal are granted to all users in the Staff Role. You could add a Page that contains 2 page parts. One page part could have permissions set for the Managers Role. All users could see see the Page in the Quick Start Menu because they are in the Staff Role. Users who are not in the Managers Role will see 1 page part, and users in the Managers Role will see both page parts.

Portals

Permissions to portals are set from Portal Setting. Click on the Portal Icon to open edit portal page. The permissions section shows which roles Have Access, and which Do Not Have Access. When a new role is granted access to a portal, all the pages and page parts beneath inherit that permission.

Pages

Clicking on a Page within Portal Settings displays the permissions section for the page. It assumes the same permissions as the Parent Portal. Additional permissions can be applied at the page level. i.e. Staff Role can be removed from Have Access, and the Manager Role can be granted access. In that scenario, users who are not in the Managers Role would not see the Page in the quick start menu.

Page Parts

Clicking on a Page Part within Portal Settings has an option for “Page Part Permissions”. Click on it to open the permissions section. It assumes the same permissions as the Portal. Roles can be removed from Have Access and roles can be granted access.

Note: when adjusting permissions at the page part level it is important to ensure that users in the role assigned permissions to a page part, are also included in a role that is permitted to the page above and to the page part above. If a user not permitted to see the page that contains the page part that they are permitted to see, they will not have access to the page part.

Page Part Buttons

When adding or editing a page part in Portal Setting there are options for setting permissions on the buttons in the Page Part Buttons section. This is managed by adding roles to “Allows for Selected role(s)” fields which are available for:

  • Display “New” Button

  • Display “Edit” Button

  • Delete Button

Display “New” Button and Display “Edit” Button display for all users until a role is selected. Once role(s) as selected, only users in those roles have access to the button. i.e. Add Service and Add Client buttons have permissions set so only Site Administrators Role has access.

The Delete Button has permissions set for the Site Administrators Role by default. That means only users in that role can delete items that are in the page part. Generally delete privileges are only granted to Administrators. In some cases, you many choose to allow other roles this privilege.

 

 

Requirements/Dependencies

  •  

 

 Instructions

 

 Related articles

 

 

Related pages