Permissions Examples

<< Click to Display Table of Contents >>

EQuIS 7  >>  Enterprise > User Administration > Permissions >

Permissions Examples

The permissions that a user (or role) may be assigned are very flexible by design. For example, permissions can range from allowing full administrative read-write access, to only facility-specific data uploads, to view-only access to a single report created by another user—and everything in-between. Given the range and complexity of permissions, along with concerns regarding security and sensitive data, it is important that EQuIS administrators understand the various options before assigning permissions. To help with deciding how to define user permissions, this article outlines four example roles that illustrate one approach for user/role setup.

 

Warning: These roles are examples only, and EarthSoft advises against adopting them as-is without careful consideration of the particular user needs and workflow of your organization.

 

Data Submitter – The Data Submitter is an example role for a laboratory or other data submitter. This role allows the user to submit EDDs either by email/ftp or to upload the EDD via the EDP Widget. As defined here, this role does not provide the user with any ability to run or view reports.

 

Report Viewer Only – Report Viewer Only is an example role for users who review data. This role only allows for viewing dashboards, widgets, and reports that other users have created and specifically given access. The users will NOT be able to edit report parameters, save user reports, or edit widgets or dashboards. Note that this role has been granted viewer permission to the facilities object type, which will allow role members to view data for any facility. Certain workflows may need to be more restrictive, in which case, the viewer permission should be granted at the individual facility level.

 

Project Manager – The Project Manager is an example of a role that can create dashboards, view and download files, and view and create user reports.

 

Data Manager – The Data Manager can create dashboards, submit data (EDDs) via EDP, upload files, and create new user reports.

 

Note: Users assigned only to the Report Viewer Only and Project Manager roles may need additional permissions to specific custom reports, user reports, and/or user-created dashboards within the database.

 

Example permissions grids for each of the above roles are provided in the attached file: E7_Role_Permissions_2018.xlsx