How permission groups interact

How do Onvio permission groups interact with each other? The short answer is “They don’t.” The access you grant through one permission group does not affect the access you grant through another permission group.

Example

Some of your firm’s staff work only on projects for non-confidential clients, while others work on projects for both non-confidential and confidential clients. A few of your staff only work on projects for confidential clients. These staff members will need to be able to enter their time and identify the clients on whose projects they were working.

In Best practices for permission groups, we recommended that you create focused permission groups that provide access to limited functionality and sets of contacts, so you can easily “stack” permission groups to customize access for individual employees.

For the firm in this example, you might create the following permission groups (among others).

Permission group

Functionality

Data

Timekeepers

Enter time & expenses

Non-confidential contacts

Senior Timekeepers

Enter time & expenses

All (or selected) confidential contacts

 

The staff who only work on non-confidential clients would be members of the Timekeepers permission group, and the staff who work on both non-confidential clients and confidential clients would be members of both the Timekeepers and Senior Timekeepers permission groups. The staff who only work on confidential clients would be members of the Senior Timekeepers permission group.

If you set up simple permission groups, as in the example above, you can easily provide the necessary access to all three sets of staff. The staff who are members of both groups are granted the access of the combination of the two groups, so you don’t need to design a special permission group just for those staff. Similarly, the staff who only work on confidential clients (Senior Timekeepers) only have access to those clients, and not to non-confidential contacts. Of course, in your office it may make more sense to provide such a group with access to all contacts, but in this example we sought to demonstrate the way in which these permission groups interact, or rather, how they really don’t interact.

The availability of some or all of these features depends on the applications your firm has licensed and the permissions your firm’s administrator has enabled for you.


Was this article helpful?