Work with security for levels
Documents in the application are organized within levels. Administrators can set security and permissions for levels. Security is applied by group.
You can grant group leaders access to some administrative features related to levels. For more information, see Grant administrative access.
Disable and enable document security
You can enable or disable document security for levels, as follows:
Enabling document security allows you to control a group's access to the documents that are within levels.
Disabling document security allows all groups to access all levels.
When document security is disabled, the application ignores the permissions that are set on levels, and groups can access the documents in the levels.
Tip: If you are not using document security, you should disable it.
If a message appears on the Levels page indicating that document security is currently off, you must enable it to set security for levels.
Enable document security
To enable document security:
On the Case Home page, under Security, click Levels.
Click Enable document security, and then click OK.
Disable document security
To disable document security for all levels:
On the Case Home page, under Security, click Levels.
Click Disable security, and then click OK.
Display groups on the Levels page
To select which groups to display on the Levels page:
On the Case Home page, under Security, click Levels.
Click Select groups.
Select the check box next to the groups that you want to display. You can display up to five groups.
Click Save.
Set levels security
Administrators can perform the following tasks when setting security for levels:
Grant or deny access to levels that are available to groups on the Documents page.
Give group members the ability to add or delete documents within a level.
Set security for each level and sublevel individually, or set security for all levels for a group.
Set root level security for all individual levels within a group that have not been previously set.
Note: If a case is upgraded from an earlier version of the application, the existing settings remain in place.
The following table lists the permissions that can appear on the Levels page.
|
Permission |
Description |
|
Set explicitly
|
If a level does not inherit security settings from its parent level, a check mark appears in the Set explicitly column. Note: The Set explicitly value indicates the setting only for the level in the applicable row, not for any of that level's sublevels. A sublevel may have different security settings. To display the security settings for sublevels, click the plus sign (+) next to a parent level. |
|
Deny
|
Denies the group access to the level. |
|
Allow
|
Allows the group to access the level. |
|
Add
|
Allows the group to add documents to the level. |
|
Delete
|
Allows the group to delete documents from the level. |
Set security for all levels
You can set the group security for all levels at one time, including the root level. When you do this, all levels and sublevels inherit the security settings, regardless of whether the security for any levels was explicitly set.
To set group security for all levels:
On the Case Home page, under Security, click Levels.
At the top of a group column, do one of the following:
Click the Deny button to make all levels unavailable to the group.
Click the Allow button to make all levels available to the group. Optionally, do any of the following:
To allow the group to add documents to the levels, click the Add button.
To allow the group to delete documents from the levels, click the Delete button.
Click OK.
Synchronize security to make the change take effect across the group. For more information about how to sync security, see Sync security.
Set security at the root level
You can set security at the root level. The security settings for the root level act like a template for the group. Unless you explicitly set security for a level, all levels and sublevels automatically inherit the root-level settings.
To set the security for the root level:
On the Case Home page, under Security, click Levels.
In the Root level row, do one of the following:
Select Deny to make all levels that are not explicitly set unavailable to the group.
Select Allow to make all levels that are not explicitly set available to the group. Optionally, do any of the following:
To allow the group to add documents to the levels, select Add.
To allow the group to delete documents from the levels, select Delete.
Synchronize security to make the change take effect across the group. For more information about how to sync security, see Sync security.
Set security for individual levels and sublevels
You can set the security for individual levels. This allows you to set security for a level that is different from the root level. This also allows you to set security for a sublevel that is different from its parent level.
If you explicitly set security for a level that contains sublevels, any sublevels inherit security from the parent level, not the root level.
To set the security for individual levels and sublevels:
On the Case Home page, under Security, click Levels.
Optionally, to display sublevels, click the plus sign (+) next to a parent level.
In the row for a level, do the following:
Select the Set explicitly check box to set a level's security to be independent from its parent, rather than inherited.
Select Deny to make the level and all sublevels that are not explicitly set unavailable to the group. The Set explicitly check box is selected automatically.
Select Allow to make the level and all sublevels that are not explicitly set available to the group. The Set explicitly check box is selected automatically.
Optionally, do any of the following:
To allow the group to add documents to the level and sublevels, select Add.
To allow the group to delete documents from the level and sublevels, select Delete.
Clear the Set explicitly check box to set a level's security to be inherited from its parent.
Note: The Set explicitly value indicates the setting only for the level in the applicable row, not for any of that level's sublevels. You can apply different security settings to a sublevel by explicitly setting the security for the sublevel.
Synchronize security to make the change take effect across the group. For more information about how to sync security, see Sync security.
Sync security
After making changes to the Levels page, you must sync security across all affected groups to make the changes take effect. A warning message appears on the Levels page if security needs to be synced.
The application runs syncing tasks as jobs in the Processing Framework (RPF). For information about how to view jobs and troubleshoot any errors that occur while the job is processing, see Work with jobs.
The status icons in the Sync security dialog box indicate the current state of each group that needs syncing. Hover over the icon to view information about the status. If the Sync failed icon appears next to a group name, an error occurred in the RPF while the syncing job was processing. You must sync the group again to resubmit the job for processing. Otherwise, your changes will not take effect.
To sync security:
On the Case Home page, under Security, click Levels.
Click Sync security.
Note: The Sync security option appears only when security needs to be synced.
Only groups that need to be synced appear in the Sync security dialog box. Select the check box next to the groups that you want to sync.
Note: If other groups in the list are currently syncing or scheduled to sync, you must wait for them to finish before syncing more groups. You can check the progress of In progress and Sync scheduled security jobs by opening and closing the Sync security dialog box until the group name no longer appears.
Click OK.