Setting up security correctly can be overwhelming at first. We recommend first completing the Installation Guide and then reviewing the Typical Setup doc. Then check out all of the Features available including granting admin rights and assigning multiple users. After that, check out the many configurable options below.
- Additive Rights
- Strict Rights
- New User Group Popup
- User Role Precedence
- Filter User List
- Use Popup Select - pre-6.5.5
- Use Creator Group Select - 6.5.6+
- Shared Calendar - Hide Restricted
- Inherit from Created By User
- Inherit from Assigned To User
- Inherit from Parent Record
- Default Groups for New Records
- Inbound email account
User gets greatest rights of all roles assigned to the user or the user's group(s)
If a user is a member of several groups only the respective rights from the group assigned to the current record are used.
When creating a new user show the SecurityGroups popup to assign the user to a group(s).
If any role is assigned directly to a user that role should take precedence over any group roles.
Non-admin users can only assign to users in the same group(s)
When a record is created by a user in more than one group popup a group selection screen otherwise inherit that one group. Inheritance rules will only be used for non-user created records (e.g. Workflows, etc).
Adds a panel to a record creation screen if a user is a member of more than one inheritable group that allows a user to select one or more groups that the user belongs to that should be associated with the newly created record. If a user is in just one group the normal inheritance rules will instead be applied.
NOTE: The new record will still inherit from the Assigned To user or Parent record if these options are set. This setting only overrides the Created By setting.
By default users can see when other users are busy on the Shared Calendar. Even if the user doesn't have rights to the meeting, call, etc. It will display on the calendar, but the user cannot view more details unless the user has rights to that specific calendar item. By setting this option the user cannot see these items on the Shared Calendar; only items that the user actually has rights to.
The record will inherit all the groups assigned to the user who created it.
The record will inherit all the groups of the user assigned to the record. Other groups assigned to the record will NOT be removed.
e.g. If a case is created for a contact the case will inherit the groups associated with the contact.
Set groups that should always be attached when a specific module is created.
Locks down inbound email accounts in the email client to only list those that belong to the same group as the current user.