This document covers the security features and user roles and permissions of HRCloud. It explains how to set user roles and customize permissions based on those user roles.
User permissions control how users access the HR Cloud application, what can they view, edit or create through the application. One of the important features of this application is that it allows customization of not only form level permissions but also field level permissions to be associated with different users. This implies that every user will have different permissions on CRUD (Create, Read, Update and Delete) operations regarding data in the system on the basis of their roles and responsibilities.
This makes the system more flexible and secure.
There are eight different types of roles that you can assign to users. Each of these user roles is associated with a different set of default permissions for users. Refer to this to learn about the various types of user roles and their default permissions. A user can be associated with only one user role. At any point in time, an HR admin can change a user’s role.Set user role
By default, whenever a new user is created through the People app, the user role assigned is Employee, Manager or HR operation depending on the position of the employee. However, an admin can modify employee role and permissions at any time using the following steps.
- Go to People and search for the employee for whom the role is to be set.
- Click the employee name to open his profile and go to the Account tab.
- Click on the ‘Change Security’ link at the bottom and select the new user role to be assigned and permissions to be given. Click ‘Save’.
As stated above, HR cloud allows customization of form level and field level permissions for different user roles. You can modify the permissions associated with different forms and fields within the form as well. However, only an HR admin can make amendments.
- Go to ‘System Settings’ in the left panel. Click on ‘Templates’ and select the ‘Form Builder’.
- It lists the forms existing in the system. Choose the form for which permissions are to be set.
- Click on ‘Permissions’. The following page has two tabs. The Form/Entity tab shows the permissions table for the form as a whole entity.
- The field tab shows user permissions on individual fields of the form.
- The form permissions matrix shows the users on the top and permissions on the left. The first row shows the scope of permission.
The scope of permissions include:
- All users - When the permissions granted will affect all the users with the given user role.
- User’s records – When the permissions affect only the user’s forms and the user can edit only his own forms.
- Direct reports – When the permissions affect the user’s forms as well as the forms of the employees directly reporting to the user.
To set the permissions, choose the appropriate scope of permission for a user role and check the grids shown in the corresponding columns.
If create or update permission is given, read permission is automatically assigned. Also, permissions given for user and direct report records can vary. However, permissions given to all the users will apply to everyone.
The field tab shows the permissions on individual fields of the form. The user roles are listed in the left panel. Permissions corresponding to the chosen user are shown in the right panel on the page.
To set permissions, select the role in the left column. Each field of the form is listed in the right. Choose the scope of permissions from the top of the page. The first two columns specify the field type and whether or not it is mandatory. To set a permission, check the corresponding grid.
Click ‘Save’ after making all the necessary changes.