Applies to versions: 3.0, 3.1
The TimeIPS Enterprise Permission module is designed for companies that need to delegate responsibility and carefully control access within TimeIPS.
The TimeIPS Enterprise Permissions module (IPSPRM) provides the following features:
- Ability to create and manage permission groups that grant access or control over user-selectable groups of items.
- The items that can be controlled are virtually everything in TimeIPS. For example: employees, jobs, departments, employee pay rate, job codes, work orders, etc.
- The access or control levels include viewing, creating, editing, and deleting.
- Which items have access or control can all be based on the item being managed by you, being in your department, being in a site you manage, being in your division, being in a division you manage, etc.
- Employees can be assigned to one or more permissions groups. Thus, each employee will get the sum of all permissions granted by all groups assigned to them.
Note: Without IPSPRM, the basic groups still exist but cannot be customized.
Using the left pane Main Menu » Administration, click on: Employees » Permissions
Each Permission Group includes a set of permission options. These options can be viewed by clicking the + next to the names and viewing the entries within them. Some areas have several levels of options, indicated by additional + signs when you open the first level.
On the General Settings tab, you can
- change the Name of the permission group
- add a Description of the permission group
- select this as the Default Group for new employees
- or Delete this permission group
On the Modify Permissions tab, the actions and information this group has access to and control over can be changed.
The Permissions Summary tab contains an overview of all the actions and information this group has access to and control over.
Employees can belong to zero or many groups. Each group is allowed access to various actions and information. An employee who belongs to a group assumes all those permissions, and an employee who belongs to multiple groups will collect permissions from all the groups to which he belongs. Employees can belong to as many permission groups as needed to give them all the permissions necessary.
To give employees additional permissions
- Click the + (plus) sign next to the group you would like to add them to.
- Go to the Employees tab.
- Click on the employee's name to highlight it in the Employees Not In This Group column. Hold down the control key to hightlight mulitple names.
- Click the arrow pointing right to move the employee(s) to the Employees In This Group column.
- Click the Save Tab button to implement the changes.
TIP: Permission Group membership can also be managed on the Permissions tab of the Employee Adminstration page.
Using the left pane Main Menu » Administration, click on: Employees » Employee Administration » Permissions
Add New Permission Group
- Choose a Name for the new permission group.
- From the Templates drop-down box, choose a pre-existing permission group to use as a basis for the new group.
- After clicking the Add New Permission Group button, the new permission group will appear in the Permissions Settings table.
The Permission Audit provides a quick way to check who can do what based on the current permission groups and employee membership.
Example 1: See everything that a certain employee can do.
- Select that employee from the "Who:" drop-down box and click "Submit".
- The list of everything that employee can do will be listed below.
- Click the + (plus) sign to the left of a category to see which permissions the selected employee has associated with that category.
- In this example...
- Betty has NO Schedule Permissions.
- Betty does have the following Payroll permissions:
- Create, delete, and edit Custom Payroll/Report Presets for herself
- Edit and view Timesheet Approvals for herself.
Example 2: See everyone who can create Job Categories.
- Select "create" under "Can:" and "Job Categories" under "What:" and click "Submit."
- The list will show who can create Job Categories.
Example 3: See everyone who can work with badges.
- Select "ID/Badge Functions" in the "What:" option and click "Submit.
- The list will show who can produce badges, and for who.
Example 4: See who can do what For selected employees.
- Select a value for "Who:" and "Can:" and "What:" and "For:", then click "Submit.
- The list will show who can do what for the selected empolyees.
Data Table Permissions
Data Table Permissions can be used to accommodate special situations where access to or restriction of specific fields in a data table is needed.
Click the + (plus) sign next to Employee Data to expand the table.
From the General tab, you can change the Default Permission Item. This is a catch-all permission level for any employee data that is not listed on the Fields tab. In most cases, this is best left at "Employees".
Field Permissions provides a way to control which permission option is used for specific fields, primarily in the employee database tables. Under the "Fields" tab, each data Field is connected to a default Permission Item. Selecting a different Permission Item allows giving or restricting access to the field as needed.
In most cases, no changes will be needed to these permissions. In some cases, however, it may be beneficial to include specific employee fields in different permission options. For example, an employee's birthday is normally assigned to the employee-personal-info permission option. If you needed to keep birthdays more confidential, you might change it to the employee-pay-rate option. This way, only employees with pay-rate viewing ability could see an employee's birthday.
The Custom Targets Icon links to a special version of the Selection Groups page. Here you can create pre-set groups of employees that will be used as custom targets for permission groups. Using pre-set selections of employees allows convenient access to commonly used groups of employees without needing to select each one every time. These presets will be global across all divisions.