Recall that security in BigTime is managed with a set of user "roles" that we call "security groups" and that those roles work just like a set of keys (permitting any user that has them access to various areas within the program that are "locked out" to anyone missing the key).
We showed you (in the last section) how to grant a user a specific security role (or, in effect, how to "hand them a set of keys" to the system). In this section, we'll talk about configuring the specific rights that make up that role. We will, in short, show you how to change the keys that are attached to each of your security key rings.
You can edit security settings from the Tools...System Settings...Security screen. There, you'll see a complete list of the various security settings that can be turned on/off for each of the security "roles" in the system. Select a security group from the pick list at the top of this page, and you'll see the list of permissions in the bottom half of the list refreshed to indicate what rights that group has been granted. A green check indicates a right, a red x indicates a "missing" right.
To add/remove a right from the group you've selected at the top of the page, simply click on the "permitted" check box. It will cycle between red and green each time you click it. When you've made all of the edits you'd like to, click the SAVE button at the top of the page to save your changes.
BigTime doesn't have a 'revoke' setting. So, a user's rights are the sum of the rights they've been granted. In this way, the security settings in BigTime are a little easier to manage than security in a typical operating system. However, that means there is no way to say "all users have this right EXCEPT the users in group x." To accomplish this in BigTime, you'd need to have two mostly groups: one for all users, and one for "group x."
All of the permissions in the system have a GROUP and a NUMBER, and BigTime's documentation refers to these rights by that combination. "Edit System Settings", for example, is permission "1.1". Whenever your users see an error related to their security permissions, the system will let them know what specific right(s) they're missing. This makes changes to the security rights a little easier to request.
See Also |