Difference between revisions of "Defining Roles, Permissions and Users"

From IMSMA Wiki
Jump to: navigation, search
 
(14 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
__FORCETOC__
 
__FORCETOC__
 
{{TOC right}}
 
{{TOC right}}
{{Note | To add, change permissions associated with, or remove IMSMA roles, you must have permission ''Role Admin''.}}
+
{{Note | To add, change permissions associated with, or delete IMSMA roles, you must have permission ''Role Admin''.}}
  
{{IMSMANG}} allows information managers to control permissions for {{IMSMANG}} functions through the management of users and roles. With multiple permission levels for the Workbench, for example, different users can be assigned different permissions, allowing programmes to implement a data-entry workflow that distinguishes between data entry and data verification roles. It is recommended to set up a permission structure that reserves approval authority for Data Entry Forms for the most trusted users.
+
{{IMSMANG}} allows information managers to control permissions for {{IMSMANG}} functions through the management of Users and Roles.  
  
 +
[[Image:Approval buttons.png|center|500px]]
 +
<div align="center">
 +
''Permission to Save - Submit - Approve - Reject are controlled by which Role the User belong to''
 +
</div>
 +
With multiple permission levels for the Approval process, for example, different users can be assigned different permissions, allowing Mine Action Programmes to implement a Data Entry workflow that distinguishes between Data Entry and Data Verification roles. It is recommended to set up a permission structure that reserves approval authority for Data Entry Forms for the most experienced users.
 +
 +
Some of the permissions have [[Change Permission Access Level | two different levels]]:
 +
* Read-only
 +
* Read and Write
 
{| class="wikitable"
 
{| class="wikitable"
! colspan="2" |  Typical {{IMSMANG}} Roles  
+
! colspan="2" |  [[Recommended Roles and Permissions | Recommended ]]{{IMSMANG}} Roles  
 
|-
 
|-
 
! Role
 
! Role
Line 12: Line 21:
 
|-
 
|-
 
| Data Entry
 
| Data Entry
| Users whose primary function is to enter Data Entry Forms and other data into the system. This role may or may not include the ability to approve Data Entry Forms.
+
| Users whose primary function is to enter Data Entry Forms. This role may or may not include the ability to approve Data Entry Forms.
 
|-
 
|-
 
| Data Verification
 
| Data Verification
| Users who typically perform quality checks on the data entered by Data Entry users. This role is often responsible for verifying the accuracy of the data entered and approving Data Entry Forms.
+
| Users who typically perform quality checks on the data entered by Data Entry users. This role is responsible for verifying the accuracy of the data entered and approving Data Entry Forms.
 
|-
 
|-
 
| Operations
 
| Operations
| Users who typically browse for information within {{IMSMANG}} to make operational decisions. Operations users may sometimes be grouped by function (for example, education, clearance, or victim assistance). These users often perform searches for data, generate reports and analyze the data to support operational needs.
+
| Users who typically browse for information within {{IMSMANG}} to make operational decisions. These users often perform searches for data, generate reports and analyse the data to support operational needs.
 
|-
 
|-
| Systems Administrator
+
| Operator Administrator
| Users who perform information management-specific functions such as creating Data Entry Form templates, designing reports, backing up and restoring data and other technical functions.
+
| User that is not working at the NMAA and has more permission than Data Entry users. These could be permissions that is needed after installation e.g. Reference system or permission to publish Data Entry Forms templates.
 +
|-
 +
| IMSMA Administrator
 +
| Users who perform Information Management / System administrator specific functions such as creating Data Entry Form templates, designing printing reports, backing up and restoring data and other technical functions.
 
|-
 
|-
 
| Guest
 
| Guest
Line 27: Line 39:
 
|}
 
|}
  
Access to IMSMA functions are handled by the use of permissions. Permissions allow a user to view information related to a function, or view and change information related to a function. Roles are named groups of permissions that can be assigned to users. IMSMA includes several predefined roles that have one or more permissions assigned to them. The predefined IMSMA roles are Operations, System Administrator, Data Entry, and Guest.  
+
{{Note | Ensure that NMAA has '''exclusive''' control over user accounts and roles, Data Entry Form templates, the Data Inventory Manager and Auxiliary data.}}
 +
 
 +
Access to {{IMSMANG}} functions are handled by the permissions. Permissions allow a user to view information related to a function, or view and change information related to a function. Roles are named groups of permissions that can be assigned to users. {{IMSMANG}} includes several [[Predefined Roles | predefined roles]] with the installation. It is '''strongly''' recommended to customise these roles to the need of the Mine Action Programme. It is of course also possible to add new roles or copy existing roles.  
  
 
{{HowTo's
 
{{HowTo's
 
|[[Role List Window]]
 
|[[Role List Window]]
|[[Access and Use the User List Window|User List Window]]
+
|[[User List Window]]
 +
|[[Predefined Roles]]
 +
|[[Recommended Roles and Permissions]]
 
}}
 
}}
  
You can use the predefined roles as is, or you can change them to suit your needs. You can also add new roles or copy existing roles.
 
 
{{New_6.0 | 5 new permission groups with Read only variations have been added:
 
{{New_6.0 | 5 new permission groups with Read only variations have been added:
 
* Assistance classification
 
* Assistance classification
Line 42: Line 57:
 
* Needs classification
 
* Needs classification
 
}}
 
}}
The default permissions associated with IMSMA’s predefined roles and their descriptions are listed below:
 
  
{| class="wikitable"
 
! colspan="3" | Default Permissions for IMSMA Roles
 
|-
 
! Role Name
 
! Default Permissions
 
! Provides Access to...
 
|-
 
| rowspan="33"| Operations
 
| Assistance Classification
 
| Add and change assistance classifications. For this permission, you can also specify read-only access.
 
|-
 
| Auxiliary Data Export
 
| Export country structure, explosive ordnance, organisation, assistance classification, cause classification, needs classification and place data.
 
|-
 
| Cause Classification
 
| Add and change cause classifications. For this permission, you can also specify read-only access.
 
|-
 
| Country Structure
 
| Add or change country structures and country structure levels.
 
|-
 
| Data Inventory Manager
 
| Add, change, and remove custom defined fields, custom option values, and data categories.
 
|-
 
| Data Entry Form
 
| Add, save, submit, and delete Data Entry Forms.
 
|-
 
| Data Entry Form Approve
 
| Approve Data Entry Forms.
 
|-
 
| Data Entry Form Export
 
| Export Data Entry Forms.
 
|-
 
| Data Entry Form Import
 
| Import Data Entry Forms.
 
|-
 
| Data Entry Form Reject
 
| Reject Data Entry Forms.
 
|-
 
| Data Entry Form Submit
 
| Submit Data Entry Forms.
 
|-
 
| Form Template Design
 
| Add, change, and remove Data Entry Form templates.
 
|-
 
| Form Template Publish
 
| Publish Data Entry Form templates.
 
|-
 
| Hierarchy Manager
 
| Add, change, and remove levels for Country Structure, Assistance Classification, Needs Classification, and Cause Classification.
 
|-
 
| Impact Scoring
 
| Add, change, remove, and generate impact scores.
 
|-
 
| Link
 
| Add links between item records.
 
|-
 
| Map Export
 
| Export a map to an .apm file.
 
|-
 
| Map Import
 
| Import a map into IMSMA.
 
|-
 
| Needs Classification
 
| Add and change needs classifications. For this permission, you can also specify read-only access.
 
|-
 
| Ordnance Classification
 
| Add, change, and remove ordnance classifications. For this permission, you can also specify read-only access.
 
|-
 
| Organisations
 
| Add, change, and remove IMSMA organisations. For this permission, you can also specify read-only access.
 
|-
 
| Places
 
| Add and change IMSMA places. For this permission, you can also specify read-only access.
 
|-
 
| Print
 
| Print the results.
 
|-
 
| Reference System Manager
 
| Add, change, and remove coordinate reference systems used by IMSMA.
 
|-
 
| Reporting
 
| Generate reports.
 
|-
 
| Role Admin
 
| Add, change, and remove roles and assign permissions to roles.
 
|-
 
| Search
 
| Locate item records that meet specified criteria.
 
|-
 
| Task
 
| Add, change, and remove tasks and work items.
 
|-
 
| Sub-Theme Customisation
 
| Assign subcategories (sub-themes) to themes displayed on the IMSMA Navigation window’s map.
 
|-
 
| Map Display
 
| Change IMSMA icons and map themes displayed on the IMSMA Navigation window’s map.
 
|-
 
| User Admin
 
| Add, change, and deactivate users.
 
|-
 
| Summary Manager
 
| Add, change, publish, and remove customised Summaries.
 
|-
 
| XLS Import
 
| Import Data Entry Form data in .xls file format.
 
|-
 
| rowspan="2" | System Administrator
 
| Map Export
 
| Export a map to an .apm file.
 
|-
 
| Map Import
 
| Import a map into IMSMA.
 
|-
 
| rowspan="9" | Data Entry
 
| Assistance Classification (read-only)
 
| View assistance classifications.
 
|-
 
| Cause Classification (read-only)
 
| View cause classifications.
 
|-
 
| Data Entry Form
 
| Add, save, submit, and delete Data Entry Forms.
 
|-
 
| Needs Classification (read-only)
 
| View needs classifications.
 
|-
 
| Ordnance Classification (read-only)
 
| View ordnance classifications.
 
|-
 
| Organisations (read-only)
 
| View IMSMA organisations.
 
|-
 
| Places (read-only)
 
| View IMSMA places.
 
|-
 
| Print
 
| Print the results.
 
|-
 
| Search
 
| Locate item records that meet specified criteria.
 
|-
 
| Guest
 
| Search
 
| Locate item records that meet specified criteria.
 
|}
 
  
{{NavBox Getting started with IMSMA}}
+
{{Note| 1st July 2016 it was reported that users must have ''Read and Write'' on Organisation in order to be able to enter geographical data in Data Entry Forms. Investigations are on-going.}}
 +
{{NavBox IMSMA NG Administration}}
  
[[Category:ELR]]
+
[[Category:NAA]]

Latest revision as of 22:45, 17 June 2017

Note.jpg To add, change permissions associated with, or delete IMSMA roles, you must have permission Role Admin.

IMSMANG allows information managers to control permissions for IMSMANG functions through the management of Users and Roles.

Approval buttons.png

Permission to Save - Submit - Approve - Reject are controlled by which Role the User belong to

With multiple permission levels for the Approval process, for example, different users can be assigned different permissions, allowing Mine Action Programmes to implement a Data Entry workflow that distinguishes between Data Entry and Data Verification roles. It is recommended to set up a permission structure that reserves approval authority for Data Entry Forms for the most experienced users.

Some of the permissions have two different levels:

  • Read-only
  • Read and Write
Recommended IMSMANG Roles
Role Description
Data Entry Users whose primary function is to enter Data Entry Forms. This role may or may not include the ability to approve Data Entry Forms.
Data Verification Users who typically perform quality checks on the data entered by Data Entry users. This role is responsible for verifying the accuracy of the data entered and approving Data Entry Forms.
Operations Users who typically browse for information within IMSMANG to make operational decisions. These users often perform searches for data, generate reports and analyse the data to support operational needs.
Operator Administrator User that is not working at the NMAA and has more permission than Data Entry users. These could be permissions that is needed after installation e.g. Reference system or permission to publish Data Entry Forms templates.
IMSMA Administrator Users who perform Information Management / System administrator specific functions such as creating Data Entry Form templates, designing printing reports, backing up and restoring data and other technical functions.
Guest Users with essentially read-only access to browse data.
Note.jpg Ensure that NMAA has exclusive control over user accounts and roles, Data Entry Form templates, the Data Inventory Manager and Auxiliary data.

Access to IMSMANG functions are handled by the permissions. Permissions allow a user to view information related to a function, or view and change information related to a function. Roles are named groups of permissions that can be assigned to users. IMSMANG includes several predefined roles with the installation. It is strongly recommended to customise these roles to the need of the Mine Action Programme. It is of course also possible to add new roles or copy existing roles.

New 6.0.png 5 new permission groups with Read only variations have been added:
  • Assistance classification
  • Cause classification
  • Country structure
  • Hierarchy manager
  • Needs classification


Note.jpg 1st July 2016 it was reported that users must have Read and Write on Organisation in order to be able to enter geographical data in Data Entry Forms. Investigations are on-going.