When editing a group, there are 3 tabs (sections) associated with the group. These tabs are for:
- Basic Information
- Group Rights and Actions
- Group Document Access
[INFO] Basic Information:
This section provides name, description and user membership for the group.
- There only required field for a group is the Name.
- Description is optional, but used to clarify for the administrator what right and access the group was created around.
- To assign users to the group, use the Multi-Item Selection method
[RIGHTS] Group Rights and Actions:
- System Access Rights control which "sections" of DynaFile that the user has access to.
- Document Control Actions control what the user can do to any individual document that they can access.
- Hovering over each right or action will provide a detailed description as to the effective result of assigning the right or action.
[ACCESS] Group Document Access:
- The Document Access tab allows the administrator to define which Structured Index Values members of the group can view, modify or delete.
- When editing an existing group, you may have the option to define a Management Vertical. It is recommended to learn more about Management Verticals.
- For most groups, each index field should have at least one item selected for the group to view, however in certain circumstances (see note below), it might be more effective to assign access to one specific index at the user level.
- Selection of Access Rights is accomplished using the Multi-Item Selection method.
- When in multi-item selection mode, non-selected indexes will be blurred out to clearly identify which index you are assigning access to.
- For the index defined as the Management Vertical, you can allow members of the group to view (), modify () or delete () documents of that type.
- For indexes not defined as the Management Vertical, you can only allow members of the group to view () documents of that classification.
- This section will also allow you to view or remove Specific Document Access for the group.
A user’s document access should primarily be controlled through their assigned group(s) and only in limited circumstances should additional document access be granted at the user level (which will add to their group access). Examples of this may include:
- A "Managers" group might be created to control Document Type access, but does not define Department access. In this case, you would assign view permissions to a specific manager at the user level for their respective department.
- A payroll supervisor might belong to a "Payroll" group that defines specific viewing of Document Types for most payroll users, but this supervisor user needs to have modify permissions to a few more of the assigned Document Types.