One user can now have multiple privacy roles
We’ve made a small but powerful enhancement to the management of user roles in Safefood 360°. Instead of being limited to selecting just one user role for each user you can now select multiple.
You could now for example create two different roles – let’s say one for “Corrective Actions” and one for “Laboratory Technician” and assign both of these roles to a single user. This would effectively give that person access to both laboratory related modules as well as corrective action. If you have been dealing with privacy settings and user roles before you’ll know immediately how much easier this little change will make the management of a larger user base.
We haven’t blogged too much about user roles before, so let’s look at what user roles are and how they work.
What are custom user roles?
User roles allow you to limit a user’s access to certain modules and determine what content they are allowed to view or edit. They are essentially a privacy and security tool that allows you to regulate access to your system and keep your data safe. You can edit your own custom user roles under “Settings” > “Users” > “User Roles” if you are an administrator and your site is on the Premium plan.
For example you could make a user role that looks like this:
- Can access only the Cleaning module
- Can’t edit the settings of cleaning programs
- Can enter the first details of a cleaning record
- Can’t enter the verification details or close a record out
- Can’t access cleaning reports
The above example would be a great example of a user role that you might want to create for your team of cleaning operators. This role would allow the team to access the cleaning module and complete the first part of a cleaning record, but would not give them the permission to change the settings of cleaning programs or access reports.
What about system user roles?
The above example is about custom user roles but the software has also a set of system provided user roles that will address most of the daily situations. So even if you have the Essential plan and can’t use the custom roles, there are still options available for you to limit the access of users.
| Read-only | Standard | Manager | Admin | |
|---|---|---|---|---|
| Settings | No | No | No | Yes |
| All Modules | Yes | Yes | Yes | Yes |
| Program Settings | Read only | Read only | Yes | Yes |
| Records | Read only | Yes | Yes | Yes |
| Reports | Yes | Yes | Yes | Yes |
If we read the table we can see that Administrators for example will have access to everything – and most importantly they are the only group that has access to the settings page. This is important because administrators are able to change user roles. Managers are allowed to create new programs in the modules where as Standard users can only create new records under programs but can’t change the program configuration. Read-only user can go everywhere in the software but can only read.
An important difference between custom and system roles is that custom roles allow you to select the users access even within each record type as we discussed above. Limiting access to only certain stages in a workflow combined together with the “Alerts” module allow you to create automated processes where an alert for example notifies a cleaner to complete the first stage of a cleaning record as soon as a new job has been automatically scheduled. As soon as the cleaner completes the job a supervisor can get the next alert that tells her to complete the verification stage. A third alert can notify the production manager about missed delays allowing effective escalation.
That’s it – you should now know all the basics about managing user roles!
Leave a Reply
Want to join the discussion?Feel free to contribute!