Here you will determine the data the login can access and what they can do with it. For an external login, permissions are restricted to projects associated with the selected customers.
This data is organized under sub-tabs, each of which covers a separate part of the product:
•Time & Expense, which determines the timesheets, expenses and budgets the login can access and the allowed processing
•Planning, which covers the tasks and assignments that can be processed
•Risks and Issues, which determine the risks and issues that the login can access and the allowed processing
•Strategic Planning, which defines what can be viewed and maintained
•CRM, which specifies allowed processing for certain clients and actions. Viewing and maintaining customers is not available for external logins, while viewing and maintaining actions for those logins is only available if Action Permission Mode (set through General Settings) is set to Resource and Project.
•Administration, which refers to the set up of data. Only View Setup for a customer’s own projects is available for external logins.
If the login has the same or similar permissions to an existing one, click Copy Permissions and then choose the login. You can change these permissions as necessary for this login.
You will set check boxes on to assign access rights to the indicated areas. Then make selections for those areas to determine the level of access that is available.
Most entries are in the form of sentences that work left to right across the screen. Thus, for example, an entry might state that the login can:
This entry means that the login can only maintain timesheets for the resource that is specified for the login entry and can do this for all projects that the resource works on. You can change:
to all Resources or to selected Resources
to or, meaning not just the specified Resource working on allowed projects, but to allow Resources irrespective of the project.
to selected Projects
In general, the choices are:
•All — any that are available, with no restriction
•Own — only for resources, meaning the single resource set for the login
•Security group – covering the resources or projects that are available to a security group, possibly other than your own. You will choose the appropriate groups via the Select button.
Through Security Group Settings, you can grant the ability for members of a Security Group to create projects and resources for use in that group only. If so, check Maintain Setup for and choose the Security Groups where this is permitted. For this to be effective, you will need to remove global access by unchecking Project or Resource at the Login Profile tab.
•Selected — means that specific records can be chosen. In this case, press the corresponding Select button and then click Add to choose the records that can be processed. Alternatively, click Copy from Permissions to select the projects selected in a different view (for example, you may set permissions for timesheets and use the same ones for expenses). It is generally better to use security groups since these provide a more structured method.
•My Resources — allows access to resources where your own resource is the line manager.
•My Resources except Own — the same as My Resources but excludes your own resource. Only applies to Approve and Pay permissions.
•My Department Resources — allows access to any resources in the same department as your own resource.
•Projects — allows access to projects where your own resource is the project manager.
•Projects and Children — the same as Projects but additionally gives access to their child projects
When assigning projects, resources and security groups to the login, a Copy From button is available. This provides a list of security group permissions. Selecting one will apply all its security groups for this permission.
For the approval of timesheets and expenses, you can additionally determine that logins can approve all resources except their own or all resources covered by their security groups except their own. This ensures that timesheets and expenses are approved by someone else.
An example of these settings is provided next.
A login is a member of the following security groups
If the login has Own Resource set to BROWNI and can:
•View Timesheets for Security Group Resources working on Security Group Projects
•Maintain Timesheets for Own Resource working on Security Group Projects
•Approve Timesheets for Security Group Except Own Resource working on Security Group Projects
the login can:
View Timesheets for
Maintain Timesheets for
Approve Timesheets for