Configuring Application Security Settings

After the application is created, you need to add users who will work with it. Within the application, a user must be added to one of the default or custom roles, each of which implies a particular set of permissions.

Users can be added individually or in bulk by groups.

Default security roles

Comindware Tracker provides 4 default security roles, each of which implies a particular set of permissions.

  • Owners
    • Can add and remove users or user groups to/from the application.
    • Full control over the application's items, including deleting and editing them.
    • Can create and edit lists and dashboards that belong to the application.
  • Members
    • Can create and manage the application's items but cannot delete them (including self-created items).
    • Can add the application's lists and dashboards to Favorites.
    • Can create and edit personal lists and dashboards in My Desktop.
  • Viewers
    • Can view all the application's items (read-only).
    • Can add the application's lists and dashboards to Favorites.
    • Can create and edit personal lists and dashboards in My Desktop.
  • Requestors
    • Can create items in the application.
    • Can view and modify only self-created items.
    • Can add the application's lists and dashboards to Favorites (the Comindware Tracker Full license has to be assigned).
    • Can create and edit personal lists and dashboards in My Desktop (the Comindware Tracker Full license has to be assigned).

Requestor permissions can be assigned to users with the Comindware Tracker Full license and Comindware Tracker Requestor license.

The following table represents the default roles. Besides the permissions provided for by your role, you may view and modify all tasks assigned to you.

ActionsDefault roles
  Owners Members Viewers Requestors (users who have Full License)
Modifying an app settings Yes      
Creating and modifying any lists Yes      
Creating new items Yes Yes   Yes
Modifying any items Yes Yes    
Modifying self-created items Yes Yes   Yes
Deleting items Yes      
Deleting self-created items Yes      
Viewing all items Yes Yes Yes  
Viewing self-created items Yes Yes Yes Yes

The set of permissions in a default role cannot be changed. In order to create a custom set of permissions, add a custom role.

 

Adding a custom role

When configuring an application security settings, a need in a new set of permissions may arise. To create it, you have to add a custom role to the application (as the default role permissions are unalterable).

To add a custom role:

1. Go to the Application Setup -> Security.

2. Choose Add a New Role (under the Roles list).

Adding a custom role

3. On the Users tab, enter the role name and add individual users or user groups to the role.

4. On the Permissions tab, assign permissions to the role.

5. On the Data Access tab, define which application fields are to be accessible for the role holders.

6. When done, click Save & Close.

 

Adding users to a role

In order to work with an application, a user must be added to one of the application default or custom roles. You can add users individually or in bulk by groups.

Users are to be allocated to their roles by the application Owners. By default, the first application Owner is its creator.

To add users to a role:

1. Go to the Application Setup -> Security.

2. In the Roles list, select the role.

3. On the Users tab, add/remove individual users or user groups by using the Add, Add All, Remove, Remove All buttons.

4. When finished, click the Save & Close button.

Managing role holders

 

Assigning permissions to a role

Each default role has a predetermined set of permissions that you cannot change. You may assign permissions only to a custom role.

Besides the permissions provided for by your role, you may view and modify all tasks assigned to you.

To assign permissions to a custom role:

1. Go to the Application Setup -> Security.

2. In the Roles list, select the role.

3. On the Permissions tab, check the relevant permissions.

4. When done, click Save & Close.

Assigning permissions to a role

 

Data access for a role

It often happens that certain users are not supposed to see or modify particular data pieces. For example, budgets must be open only for accountants; it's but a product manager who can change the target release, etc.

In Comindware Tracker you can handle such situations by defining which application fields for which roles are to be accessible.

The settings can be done for both custom and default roles. For each role, fields are assigned one of the following statuses: Hidden, Read-only and Editable.

Note:

  • Field read/write permissions are also applied concerning a particular step - in the step properties.
  • Should permissions in Step properties and in Application Security overlap, a prohibitive rule is always predominant. For example, if you make a field read-only on some step, it's impossible to change the field on this step, even having the relevant permissions in the Application Security. And so forth.
  • The Hidden status affects operation of the whole system: Users won't be able to see hidden data in Forms, Lists, Dashboards, History, Notifications, Mobile apps, Share Point, Outlook, Search results etc.
 

To set data access for a role:

1. Go to the Application Setup -> Security.

2. On the Data Access tab, make fields editable, read-only or hidden by clicking on the relevant options. Be aware of the following rules imposed:

  • System fields are not available for hiding.
  • You can make some system fields editable (such as Title, Description and Due Date) but most of them can be solely read-only.
  • All custom fields can be in any status: Editable, Read only or Hidden.

3. When finished, click Save & Close.

Setting data access for a role

Attachments
There are no attachments for this article.
Feedback
Security Code
Related Articles
Synchronizing Tasks
Viewed 44 times since Wed, Dec 5, 2018

How to set up notifications in Outlook for incoming Comindware Tracker messages
Viewed 48 times since Wed, Dec 5, 2018

Creating a List
Viewed 45 times since Wed, Dec 5, 2018

Setting Up E-mail Notifications
Viewed 94 times since Wed, Dec 5, 2018

Working On a Workflow Task
Viewed 82 times since Wed, Dec 5, 2018

Comindware Tracker FAQ
Viewed 219 times since Wed, Dec 5, 2018

Assigning a task to the manager of a user
Viewed 46 times since Wed, Dec 5, 2018

Managing parallel subtasks and subprocesses in Comindware Tracker
Viewed 44 times since Wed, Dec 5, 2018

Functions
Viewed 44 times since Wed, Dec 5, 2018

Getting More Information
Viewed 48 times since Wed, Dec 5, 2018