A user's permissions govern what they can view, edit and delete. SAM Leads modify Permissions and grant access to other users. A list of Users and their Permission Type can be viewed in Security Center.
A User can only have one Permission Type. A Permission Type can be shared among several users or each user may have a unique Permission Type. There are no limits to the number of Permissions built in your system.
|
In SAM, Settings (gear icon) > System > Permissions This screen is a list of Permission Types available in your SAM site. |
Default Permission Types
- Full Admin - A user can view, edit, and delete everything, including medical info and system configurations. This permission should only be given to a few select users, called SAM Leads.
- View and Edit - The user can view and edit all records, but cannot delete or manage configurations.
- View Only - The user can view all records, but cannot edit, nor delete. No configuration settings are available.
Permission Type Settings
Permission Types set specific access for Users.
- Tables - what entities and tables the user can see. Custom tables do not automatically get added to any permission type.
- Specific Records with Limiting Conditions - limit records by filters/criteria. Example: a permission set for a case worker to see their cases
- Configuration and System Settings - decide if this user can manage the administration of the following functions: Templates, Events, Bulk Emails
Modify a Permission Type
|
In SAM, Settings (gear icon) > System > Permissions > click on name of Permission Type to modify > click Edit Permission (sidebar) > check or un-check boxes next to each table(s) the user(s) can access > Save Changes to a Permission Type will affect all users that currently have that type. |
Add Filters to Permission Type
Under each Main Entity, a link is presented to define filters that limit this Permission Type's access to a sub-set of records.
Filters are commonly applied to Permissions to limit access to:
- States, Programs, or Active records
- A Role, like User = Social Worker or Case Coordinator
|
In SAM, Settings (gear icon) > System > Permissions > click on the Permission type to edit > click pencil icon on the Filters box at the bottom of an entity section > use prompts to select Table, Field, Operator and Value for the filter desired. You may add multiple filters > Save |
Notes
- Users will not be able to access forms that include tables excluded from a custom Permission Type. Review Tables Used on Forms in Form Customizer to ensure custom Permission Types can access the forms you desire users to have access to.
- Organization and Person records are generally recommended to include with most Permission types, so the user can add other records to the primary record they access.
- If a Permission type does not have any checkboxes under a Main Record, users will not see the Tab or reports associated with the main record at login.
Create a New Permission Type
|
In SAM, click Settings (gear icon) > System > Permissions > Add Permission Type > Enter Name for the New Permission Type > Check boxes next to table to designate access > Save When creating a new permission similar to another, choose Create Permission Type From This One. |
Delete a Permission Type
|
In SAM, Settings (gear icon) > System > Permissions > click on Permission type to delete > click Advanced Options > Delete Permission > OK > Yes, Delete this Record |
If a Permission type is deleted that a Person is set to, SAM will double check before deleting. The Person continues to have Login, but the Permission type is now blank.
Checklists and Permissions
If a user has access to view checklists, yet they are limited to accessing a table used on the checklist, the user will be able to view all Checklist items, including those from the limited table. However, the user will not be able to edit values to those checklist items that are on tables not allowed on the permission.
FAQs
A User cannot access certain records, what should I do?
Check the User's Permission Type.
|
Access Settings > System > Permissions to review the Permission type settings and determine if that Permission Type can access the records they need. If not, select the tables needed. |
Note: When new tables are created, SAM does not assume those records are viewable to all Permission Types. SAM Admins should review Permissions when new tables to the database are added.
What's the best way to test permissions?
Create a temporary test Person record to test with.
Enable login and add the Permission type you're testing with to their settings. Open two different web browsers. Use one browser to login as the SAM Lead, the other for logging in as the test user.
Login as the test user and review access to specific records, reports, and actions.
Comments
0 comments
Article is closed for comments.