User access to records is determined by the permissions granted through their assigned Roles and the context applied to the records within the Hierarchy.
Entity-Based Permissions
- Users can view and interact with records based on the entities for which they have permissions.
- Permissions are further refined by the Hierarchy Context applied to records, which limits access to users associated with specific hierarchy nodes.
Roles
Roles define a user’s access to platform functionality and records by specifying:
- System Permissions – Basic access rights within the platform.
- Entity Permissions – Create, Read, Update, and Delete (CRUD) permissions for specific entities.
Each role consists of predefined permissions that determine a user’s ability to interact with records, modify system settings, and perform administrative tasks.
Groups
- Roles are assigned to Groups, which serve as collections of users.
- Users automatically inherit all permissions assigned to the group(s) they belong to.
- When a new hierarchy item is created, a corresponding group with the same name is automatically generated.
- Managing membership of these hierarchy-based groups ensures users have the correct access to records tied to specific hierarchy nodes.
- Managing group memberships helps control which roles (and permissions) apply to users.
Managing User Access
To ensure users have appropriate access to records and platform functionality:
Assigning Roles
- Verify that users are assigned roles that provide the necessary permissions for their tasks.
- Roles can be granted based on job function, department, or security clearance.
For more details, see Managing Roles.
Managing Groups
- Assign users to relevant groups to provide access to the appropriate roles.
- Groups simplify permission management by reducing the need to assign roles individually.
For group management instructions, see Creating and Managing Groups.
Configuring Hierarchy Contexts
- Records are associated with specific hierarchy levels that determine user access.
- A user can only interact with records that fall within their assigned Hierarchy Context.
To configure hierarchy access, refer to this article.
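The access decision described above, modelled as an added example (not the platform's own code or API): a user needs both an entity permission inherited through group and role, and membership in the group of the record's hierarchy node. All role, group, user and node names are constructed, and matching the record's node exactly, with no inheritance from parent nodes, is an assumption.

```python
# Added example: a generic model, not the platform's API. All names are constructed.
ROLES = {  # role -> entity -> CRUD actions
    "CaseWorker": {"Case": {"create", "read", "update"}},
    "Auditor": {"Case": {"read"}, "Invoice": {"read"}},
}
# Group -> roles. "EMEA" and "APAC" stand for the groups generated
# automatically for hierarchy nodes of the same name; they carry no roles here.
GROUP_ROLES = {"Support": {"CaseWorker"}, "Finance": {"Auditor"},
               "EMEA": set(), "APAC": set()}
HIERARCHY_NODES = {"EMEA", "APAC"}
USER_GROUPS = {
    "alice": {"Support", "EMEA"},
    "bob": {"Finance", "EMEA", "APAC"},
    "carol": {"Support"},  # has a role but no hierarchy group
}
ENTITIES = ("Case", "Invoice")


def entity_actions(user, entity):
    """Union of the CRUD actions inherited through group -> role."""
    actions = set()
    for group in USER_GROUPS.get(user, ()):
        for role in GROUP_ROLES.get(group, ()):
            actions |= ROLES.get(role, {}).get(entity, set())
    return actions


def hierarchy_context(user):
    """Hierarchy nodes whose group the user belongs to."""
    return USER_GROUPS.get(user, set()) & HIERARCHY_NODES


def can_access(user, action, entity, record_node):
    """Assumption: the record's node must match exactly, with no parent inheritance."""
    return (action in entity_actions(user, entity)
            and record_node in hierarchy_context(user))


def access_review():
    """Effective access per user, for a periodic review of roles and contexts."""
    report = {}
    for user in sorted(USER_GROUPS):
        perms = {e: sorted(entity_actions(user, e)) for e in ENTITIES}
        perms = {e: a for e, a in perms.items() if a}
        nodes = sorted(hierarchy_context(user))
        # A user with permissions but no node (or the reverse) reaches no records.
        report[user] = {"entities": perms, "nodes": nodes,
                        "mismatch": bool(perms) != bool(nodes)}
    return report
```

In this model `carol` is reported with `mismatch` set: she inherits the CaseWorker role but belongs to no hierarchy group, so no record is reachable until her group membership is corrected.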
Adjusting Permissions
- If a user requires additional access, modify their Roles or Group memberships instead of granting individual permissions.
- Regularly review and update roles, groups, and hierarchy settings to maintain security and efficiency.
Best Practices
- Follow the Principle of Least Privilege (PoLP) – Assign only the minimum permissions required for each user.
- Use Groups for Access Control – Instead of assigning permissions directly, leverage group memberships.
- Review Access Regularly – Periodically audit user roles and permissions to ensure compliance and security.
- Monitor Changes – Keep track of changes to user permissions and roles to prevent unauthorized access.
For a step-by-step guide on managing user permissions, visit Managing System Permissions.