Thursday, 6 September 2018

New User Role Management (for Admins)

This article is a 'must read' for TrakIT Administrators for major upcoming changes in TrakIT.

Over the past many years, we've received many requests for enabling or disabling some features or sections in TrakIT for specific users or groups. Until now, TrakIT had a few fixed operations roles that the users could have - namely: Read-Only, Operations, PowerUser, Admin and SysAdmin. These roles had fixed accessibility and permissions across the application. In addition, we had several finance roles for various actions in the finance module.

As TrakIT keeps evolving, newer requirements and newer modules are added to the system. Maintaining the same amount of flexibility with fixed roles has been increasingly more challenging with clients having very specific requirements about users roles and the actions they are permitted to make.

We have been working very hard over the last few weeks on a completely new User Role Management module that will give you unlimited flexibility over how you can control what users see and can do in TrakIT. Over the next week or two, we will releasing the new Role Management Module.

The previous roles (with the exception of the SysAdmin), will be deprecated from TrakIT. The SysAdmin, as before will have complete and unrestricted access to all sections of TrakIT. Therefore, it is imperative and there are only one or two SysAdmins for TrakIT in your organization.

Roles will not be fixed any more and they can be created and modified by the SysAdmin. Additionally, each action for a role can be defined in a comprehensive list of actions available for the whole application.

User Role Management

The Admin > Role Management page is accessible only by SysAdmins. The page has three sections:
  • User Role Assignment
  • Role Customisation
  • Role Masters

Assigning User Roles

When creating a new user, you can specify an initial Role for the users, subsequently, you may assign more roles. A user can now have multiple roles.



To assign a role to a user, simply select the user on the left table, click the 'Add Role' button, select the role and click 'Add'.

To remove a role, click the remove icon next to the role. The changes are immediately applied to the user's profile even if he is logged on. The user does not need to logout and login again for the role changes to have effect.

Role Customisation

To customise the actions that a role may make, you first need to select the Role you want to customise form the drop-down list.

Every action that can be taken in the TrakIT is listed in various Sections, which are then grouped together. There are currently five major groups, listed alphabetically.
  1. Admin
  2. Finance
  3. Operations
  4. Reports
  5. System
Each Group has multiple sections listed. Clicking on a Group expands the Group and displays all the sections within the Group. Clicking on a Section expands it and displays all the actions within that section.

Shown below is an example where the SysAdmin is customising the 'Basic Access' role. The action for uploading a file for bulk update has been granted. The Upload action belongs to the Bulk Updates section that belongs to the Operations Group.



Once you assign/remove actions for the role, you must click on the 'Update' button to save changes.


Role Masters


The Role Masters tab allows SysAdmins to create new roles or remove roles as required. The previous roles in TrakIT will now be visible as "Fixed" roles that cannot be renamed. Eventually, these will be unlocked as well.



Summary


The new User Role Management module will provide unlimited flexibility in how you can control what users do. Every action in TrakIT can now be controlled and can mimic your company policies on what users can or cannot do. This will greatly increase the security of your data as well as prevent un-authorised or accidental updates or changes in TrakIT.

If you face any issues with user permissions or if you have any questions, please contact TrakIT Support.