Here you will determine the data the login can access and what they can do with it. For an external login, permissions are restricted to projects associated with the selected customers.

This data is organized under sub-tabs, each of which covers a separate part of the product:

    Time & Expense, which determines the timesheets, expenses and budgets the login can access and the allowed processing

    Planning, which covers the tasks and assignments that can be processed

    Risks and Issues, which determine the risks and issues that the login can access and the allowed processing

    Strategic Planning, which defines what can be viewed and maintained

    CRM, which specifies allowed processing for certain clients and actions. Viewing and maintaining customers is not available for external logins, while viewing and maintaining actions for those logins is only available if Action Permission Mode (set through General Settings) is set to Resource and Project.

    Administration, which refers to the set up of data. Only View Setup for a customer’s own projects is available for external logins.

NOTE:
Logins that have a Login Profile that does not have set up permission for projects cannot normally create project records. However, if Maintain Setup for has Security Group Projects set at the Administration sub-tab, the login can create projects for any security groups that are selected there.


 

If the login has the same or similar permissions to an existing one, click Copy Permissions and then choose the login. You can change these permissions as necessary for this login.

You will set check boxes on to assign access rights to the indicated areas.  Then make selections for those areas to determine the level of access that is available.

Most entries are in the form of sentences that work left to right across the screen.  Thus, for example, an entry might state that the login can:

 

 

(a)

 

(b)

©

 

Timesheets

Maintain

Own

Resources

working on 

All

Projects


This entry means that the login can only maintain timesheets for the resource that is specified for the login entry and can do this for all projects that the resource works on.  You can change:

 

(a)

to all Resources or to selected Resources

 

(b)

to or, meaning not just the specified Resource working on allowed projects, but to allow Resources irrespective of the project.

 

©

to selected Projects


In general, the choices are:

    All — any that are available, with no restriction

    Own — only for resources, meaning the single resource set for the login

    Security group – covering the resources or projects that are available to a security group, possibly other than your own. You will choose the appropriate groups via the Select button.

Through Security Group Settings, you can grant the ability for members of a Security Group to create projects and resources for use in that group only. If so, check Maintain Setup for and choose the Security Groups where this is permitted. For this to be effective, you will need to remove global access by unchecking Project or Resource at the Login Profile tab.

    Selected — means that specific records can be chosen. In this case, press the corresponding Select button and then click Add to choose the records that can be processed. Alternatively, click Copy from Permissions to select the projects selected in a different view (for example, you may set permissions for timesheets and use the same ones for expenses). It is generally better to use security groups since these provide a more structured method.

    My Resources — allows access to resources where your own resource is the line manager.

    My Resources except Own — the same as My Resources but excludes your own resource. Only applies to Approve and Pay permissions.

    My Department Resources — allows access to any resources in the same department as your own resource.

    Projects — allows access to projects where your own resource is the project manager.

   Projects and Children — the same as Projects but additionally gives access to their child projects

When assigning projects, resources and security groups to the login, a Copy From button is available. This provides a list of security group permissions. Selecting one will apply all its security groups for this permission.

For the approval of timesheets and expenses, you can additionally determine that logins can approve all resources except their own or all resources covered by their security groups except their own. This ensures that timesheets and expenses are approved by someone else.

An example of these settings is provided next.

A login is a member of the following security groups

Security Group

Resources

Projects

Clients

SALES

BROWNI
HAGUEL
WILDS

_NONPROJECT (global)
_SALESDRIVE

 

MARKETING

BROWNI
DAVISP

_NONPROJECT (global)
_CAMPAIGN

ANYTOWN
BUILDCON
CORPNET
TRANSLOG


If the login has Own Resource set to BROWNI and can:

    View Timesheets for Security Group Resources working on Security Group Projects

    Maintain Timesheets for Own Resource working on Security Group Projects

    Approve Timesheets for Security Group Except Own Resource working on Security Group Projects

the login can:

View Timesheets for

BROWNI
DAVISP
HAGUEL
WILDS

working on

_NONPROJECT
_CAMPAIGN
_SALESDRIVE

Maintain Timesheets for

BROWNI

working on

_NONPROJECT
_CAMPAIGN
_SALESDRIVE

Approve Timesheets for

DAVISP
HAGUEL
WILDS

working on

_NONPROJECT
_CAMPAIGN
_SALESDRIVE


 

NOTE:
The permissions define the extent of the data that can be accessed, and subsequent actions.  However, for the Business Information and Administration tabs, the selections only apply if general permissions for these business entities are turned off in the Login Profile. If permission is granted through the template, then full access is always allowed.