Skip to main content
Mitratech Success Center

Event Module Security

 

Assignments are additive

If User has access to an event by at least one rule - User is able to see the Event

If User has access to an event with some Role by at least one rule - User is able to do all operations with the Event which the Role allows

 

Terminology

SHOWN-ONLY-TO-OWNER Event is an event which meets both conditions below at the same time:

  1. Event is created for Form with option Only Show Reporter enabled
  2. Event is in one of Statuses selected below the Only Show Reporter check box on Edit Form page

CONFIDENTIAL Event is an event with Confidential option enabled (available only for events created by Form with Confidential option enabled)

 

 

Custom Assignments

Applicable to: an Event with Custom Assignments (including CONFIDENTIAL & SHOWN-ONLY-TO-OWNER events)

Access granted to:

  1. Users that are selected in Edit Event page / Assignments tab
    • with roles from Admin / Users / Edit dialog
  2. Members of User Groups that are selected in Edit Event page / Assignments tab
    • with roles from Add Assignment dialog - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog - if Consider Roles option of User Group is disabled

 

 

Company Defaults

Applicable to: all Events except CONFIDENTIAL & SHOWN-ONLY-TO-OWNER events

Access granted to:

  1. Users that are selected in Admin / User Groups / Default User Groups page / Default Event Assignments section
    • with roles from Admin / Users / Edit dialog
  2. Members of User Groups that are selected in Admin / User Groups / Default User Groups page / Default Event Assignments section
    • with roles from Add Assignment dialog - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog - if Consider Roles option of User Group is disabled

 

 

 

Inherited from Org Unit/Entity Pair
Applicable to: all Events with selected Org Unit or Entity except CONFIDENTIAL & SHOWN-ONLY-TO-OWNER events

Access granted to:

  1. Users that are given access to Event's Org Unit / Entity pair
    • with roles from Admin / Users / Edit Assignments page that meet Role-Requirements
  2. Members of User Groups that are given access to Event's Org Unit / Entity pair
    • with roles from Admin / User Groups / Edit Assignments page that meet Role-Requirements - if Consider Roles option of User Group is enabled
    • with roles from Admin / Users / Edit dialog that meet Role-Requirements - if Consider Roles option of User Group is disabled

Role-Requirements:

  • Role must have option Only provide access to Own Events disabled
  • Role must be selected for the Current Event's Status on Admin / BR / Event Statuses popup
  • Role must be selected for the Event's Form on Admin / Forms / Edit Form page / Access Permissions field

Note: If User or User Group is assigned to Event's Org Unit / Entity pair, but Role-Requirements are not met - user does not have access to the Event

 

 

 

Owner

Applicable to: all Events except CONFIDENTIAL Events

Access granted to:

  1. User that created the event
    • with roles that user has against Event's Org Unit / Entity pair & meet Role-Requirements (including assignments of User Groups the user is member of)

Role-Requirements:

  • Role must be selected for the Current Event's Status on Admin / BR / Event Statuses popup

this role-requirement is not applied for SHOWN-ONLY-TO-OWNER Events

Note: If User is not assigned to Event's Org Unit / Entity pair - user does not have access to the Event

Note: If User is assigned to Event's Org Unit / Entity pair, but Role-Requirements are not met - user does not have access to the Event

 

 

 

Reporter & Party Involved & Team Member & Workflow Responsible

Applicable to: all Events except CONFIDENTIAL & SHOWN-ONLY-TO-OWNER Events

Access granted to:

  1. User selected in Event's Reporter field
  2. Users selected in Edit Event page / Parties Involved tab
  3. Users selected as Team Members
  4. Users selected as Responsible in finished or active Steps in Event's Workflow
    • with roles that user has against Event's Org Unit / Entity pair & meet Role-Requirements (including assignments of User Groups the user is member of)

Role-Requirements:

  • Role must be selected for the Current Event's Status on Admin / BR / Event Statuses popup

Note: If User is not assigned to Event's Org Unit / Entity pair - user does not have access to the Event

Note: If User is assigned to Event's Org Unit / Entity pair, but Role-Requirements are not met - user does not have access to the Event

Team Members for Event are used when 3 options enabled together:

  1. BR / Fields / Forms / Allow Multiple Reporters per Form?
  2. BR / Fields / Forms / Would you like to assign different roles to each Reporter?
  3. BR / Fields / Forms / Only schedule 1 Form for all Reporters

 

 

 

Confidential

Applicable to: CONFIDENTIAL Events (including SHOWN-ONLY-TO-OWNER Events)

Access granted to:

  1. Users selected as Confidential in Event Edit page / Select Confidential Users dialog
    • with roles that user has against Event's Org Unit / Entity pair (including assignments of User Groups the user is member of)

Note: If User is not assigned to Event's Org Unit / Entity pair - user does not have access to the Event

 

 

 

Superior of Owner & Superior of Reporter & Superior of Party Involved & Superior of Team Member

 

Applicable to: all Events except CONFIDENTIAL & SHOWN-ONLY-TO-OWNER Events

Access granted to:

  1. Superiors of User that created the event
  2. Superiors of User selected in Event's Reporter field
  3. Superiors of Users selected in Edit Event page / Parties Involved tab
  4. Superiors of Users selected as Team Members
    • with roles that superior user has against Event's Org Unit / Entity pair & meet Role-Requirements (including assignments of User Groups the user is member of)

Role-Requirements:

  • Role must have option Access Inferiors Events enabled
  • Role must be selected for the Current Event's Status on Admin / BR / Event Statuses popup

Note: If User is not assigned to Event's Org Unit / Entity pair - user does not have access to the Event

Note: If User is assigned to Event's Org Unit / Entity pair, but Role-Requirements are not met - user does not have access to the Event

Team Members for Event are used when 3 options enabled together:

  1. BR / Fields / Forms / Allow Multiple Reporters per Form?
  2. BR / Fields / Forms / Would you like to assign different roles to each Reporter?
  3. BR / Fields / Forms / Only schedule 1 Form for all Reporters

 

  • Was this article helpful?