Get a quick quote with our pricing calculator

Knowledge Base

Browse our knowledge base articles to quickly solve your issue.

Knowledgebase articles

Configuring the Advanced Security Module: Segmenting Users by function

The example below will show how to change the Permissions of a User for Organisation Records. For this, you will need to have two rulesets, one for Managers and one for Users.

The rules will be as follows:

  • Users will be able to only Read & Modify Items that they own.
  • Managers will be able to Read, Modify & Delete all items.

You will need to ensure that you have created the appropriate User Groups.

 

NOTE: These User Groups do not need any capabilities unless they are required, if it is purely for segmenting your data.

 

To set up the Permissions for these Groups follow the path Start > Configuration > Users & Security > Permissions

Start creating a new Ruleset, to do this you will need to select Manage Rulesets:

Then select New Ruleset:

You will only need to create a single Ruleset to create this capability:

Save and close these Rulesets and now add a sharing Policy, by selecting Add Sharing Policy:

A new window will pop up, fill this form and apply a new Ruleset. In this example, as you are using Organisation Records, you will need to create a New Sharing Policy that will look like below:

This means that any Organisation created by anyone will have the the sharing permissions of Users and Managers and depending on their User Group they will have different Permissions.

Now you have created the Ruleset and Sharing Policy, the Sharing Permissions will need updating, which can be done through a Bulk Action on the Landing Page of the specific record type:

Once you Recalculate Permissions, it will ask you if you are sure you want to do this for all records that are displayed on that landing page. Like any Bulk Action you will be given the option to undo it within 30 days if you need to revert back.

The Bulk Action will run in the background and may take a few minutes to run depending on the number of records that are being recalculated.

NOTE: If you have any Rulesets or Sharing Policies that affect the Everyone Group, these rules will overwrite new capabilities such as this as Permissions work on a cumulative basis, meaning that as they are a member of Everyone they get the permissions of the Everyone group.