The different access right types
The user access rights determine what a specific user can do and/or view in Populum. A user’s access rights are affected by his/her position in the organization tree, as well as any extended access rights that may have been assigned to him/her manually. There are 3 different access rights types:
- Manage organization – the right to perform changes to the organization tree (without anyone else’s approval needed). Note that all users have access to view and navigate the entire organizational tree.
- Report access – the right to view reports within a specific organizational scope.
- Manage access – the right to administer extended access rights (i.e. assign extended access rights to another user).
Access rights are always associated with an organizational scope for which the specific rights are granted (e.g. a team, department, region etc.).
Default access
By default, what access rights a user has depend on his/her position in the organization tree:
- Manage organization – By default, a user can make changes within the team/organization he/she manages (i.e. below oneself in the organization tree). This means that users who are not managers have no organization access at all (although everyone can view the whole organization tree as well as suggest changes).
- Report access – By default, a user can view the reports of the team/group he/she is part of himself/herself, as well as any reports for scopes below him/her in the organization.
- Manage access – By default, a user does not have permission to administer extended access rights.
Extended access rights
In addition to the default access rights derived from the organization tree, users can also be granted extended access rights. Extended access rights are also always associated with an organizational scope, and extended access rights can for instance be granted to a department or a region.
Extended access rights also come in the same 3 different types as default access rights (see above). Extended access rights to a specific organizational scope can be granted by a user who has the access type “Manage access” to that specific organizational scope (or a larger scope where this scope is included). If you need help with assigning extended access rights, you are welcome to contact us.
How to grant extended access rights
If you have the necessary “Manage access” access to an organizational scope, you have the possibility to grant other users extended access rights to this organizational scope (or to a sub-scope). To grant another user extended access rights:
- Choose “Organization” in the top menu.
- If you have the necessary “Manage access” permission, you should now see a button called “Manage access“. Click this button.
- Choose “Add access“.
- Search for the user who should be grated access (via name or email) and select his/her name in the search results.
- Select the organizational scope to which the user should be granted access.
- Select the type(s) of access(es) the user should receive (see explanation of the different access types above) and click “Save”.