Roles

Roles and permissions are maintained in both InEight Platform and in Compliance respectively. In Platform, they can be accessed by navigating to Suite administration > Roles and permission, and then selecting Organization and project.The setup and design of Compliance’s permissions and roles are different than any other of the InEight cloud platform applications. It is important to know that a Level 3 role (high level permission allowing for the viewing of all modules in Compliance) must be present and maintained correctly in Platform for subsequent users to get added in Compliance.

User Role Definitions

Overview – Platform and Compliance User Role Definitions

Name	Module	Definition	Examples Names
Platform account administrators	Platform	Account Administrators with Level 3 – Account Admin access. Highest level access with view all modules and edit all modules access.	Account Administrator Dev/Ops Administrator
Compliance module administrator	Platform	Responsible for creating or modifying the roles for the specific Compliance Admins within each module.	Safety Dept Administrator Quality Dept Administrator Compliance Product Administrator
Compliance admins	Compliance	Responsible for administering Compliance on a daily basis per the organizational assignments.	Compliance Administrator
Compliance roles	Compliance	Specific job roles with limited access.	Form Creator Crane Manager

Platform Permissions

Platform Account Administrators need to have Level 3 permissions, which allows access into Compliance with the suitable permissions. By default, this is assigned to an Account Administrator and a Dev/Ops role. This permits full open access to view all modules and should be assigned with discretion. During initial setup, a Platform role lower than Level 3 will not have access into Compliance.

Any other permission to get into Compliance, outside of the Level 3 role needs to be obtained within Compliance.

No settings in Platform exist that will allow a level lower than a Level 3 to get into Compliance. 

A Compliance menu drop-down option does not exist in the Permissions in Suite administration > Roles and permissions > Permissions.

By default, Platform Account Administrators should already be set up to View all modules (as shown below in the Organization and project > Compliance settings). If checked, these settings override all Compliance level permissions. It is required that first user to log into Compliance be a Level 3 user.

The Platform Account Administrators will then set up a second user in Compliance. As common practice, the second user in Compliance can then start to assign users directly within Compliance.

In general, the average Compliance user does not need a Platform permission to get into Compliance. Users (other than a Level 3 user) are maintained directly in Compliance. A level 3 user assignment overrides all Compliance-level assignments.

Compliance Permissions

Compliance roles are module and Compliance specific. You can set permissions to each role for each module. They are comprised of permissions that you can perform inside of the specific Compliance module.

Within Compliance you can create as many roles as needed to facilitate any process you plan to do within the module. The standard Compliance application comes with the following seated roles:

• Module administrator – gives full access to all the permissions and allows anyone with the role to perform these events or actions
• Reporter – general role that allows anyone within this role to execute forms in any category or project assigned. It does not allow manipulation of other users, role creation, or template creation
• Read only – general role that allows anyone within this role to view events and tasks in any category or project assigned. It does not allow manipulation of other users, roles, templates, events, or tasks

Any created role defaults to reporter permissions until you change it.

The following tables summarize the actions you can take on individual Compliance pages with each permission.

Module Permissions

Permission	Page	Permitted Actions
Edit module summary	Module summary	Add and edit Module name. Add and edit Description. Add and edit Module image. Activate and deactivate module toggle.
	Compliance landing page	View side menu and tiles according to your assignments.
	Module landing page	View side menu Settings link.
Create and edit reporting tags	Module summary	Create and edit tags.
Manage module organization exclusions	Module summary	Exclude or include any level of an organization or project.
Create and edit categories	Categories	Add a category. Edit a category. Inactivate a category. Delete a category.
Create and edit classifications	Classifications	Add a classification. Edit a classification. Inactivate a classification. Delete a classification.
Create and edit statuses	Statuses	Add a status. Edit a status. Inactivate a status. Delete a status.
Edit email templates	Email templates	Edit an email template.
	Compliance landing page	Side menu and tiles according to your assignments.
Create notifications	Events list Tasks list	Create notifications for projects, roles, and users in your assignments.
Create and edit Inspection and Test Plans	Inspection and test plans	Create and edit inspection and test plans in organizations and projects.
Create and edit User groups	User groups	Create and edit user groups.

Event Permissions

Permission		Page	Permitted Actions
Edit completed events/tasks		Events list Tasks list	Reopen a completed event to pending status.
		Event (inside) Task (inside)	Use complete button after a closed event or task is edited.
Edit event/task properties	(The subpermissions below can be selected and deselected after Edit event/task properties is selected.)	Events list Tasks list Event (inside) Task (inside)	Edit an event or task in your assignments using the Information slide-out panel.
		Form flow panel on event	Edit any role or user in available steps.
	Edit event/task proj/org	Events list Tasks list Event (inside) Task (inside)	Edit the Proj/org field of any event or task in your assignments using the Information slide-out panel.
	Edit event/task category	Events list Tasks list Event (inside) Task (inside)	Edit the Category field of any event or task in your assignments using the Information slide-out panel.
	Edit event/task due date	Events list Tasks list Event (inside) Task (inside)	Edit the Event date and Due date fields of any event or task in your assignments using the Information slide-out panel.
	Edit event/task status	Events list Tasks list Event (inside) Task (inside)	Edit the Status field of any event or task in your assignments using the Information slide-out panel.
	Edit event/task Reporter/Responsible party	Events list Tasks list Event (inside) Task (inside)	Edit the Reporter and Responsible party fields of any event or task in your assignments using the Information slide-out panel.
	Edit event/task title	Events list Tasks list Event (inside) Task (inside)	Edit the title field of any event or task in your assignments using the Information slide-out panel.
Delete events/tasks		Events list Tasks list	Delete any event in assignments area.
Only provide access to own forms/tasks on the event/task list (Select one or more categories from the drop-down list)		Events list Tasks list	View only events where you are a reporter. You cannot see any other events or tasks you did not initiate as a reporter.
View deleted categories in the event/task list		Events list Tasks list	Filter to show inactivate categories.
Copy events/tasks from event/task lists		Events list Tasks list	Copy an event or task. You cannot copy an event with form flow.
Allow access to event/task history (Select one or more categories from the drop-down list)		Event and task information panel	View the history of the event or task.

Roles/Users Permissions

Permission	Page	Permitted Actions
Create and edit roles	Roles	Add a new role. Edit a role. Copy a role. Delete a role.
	Add role dialog box	Add a name. Add description. Select active check box. Add all permissions.
	Edit role dialog box	Edit a name. Edit description. Select active check box. Edit all permissions.
	Compliance landing page	View side menu and tiles according to your assignments.
	Module landing page	View side menu Roles link.
Create and edit user assignments	User assignments	Add a new assignment. Edit an assignment. Copy an assignment. Inactivate an assignment. Delete an assignment. Transfer user assignments. Create a user group.
	Compliance landing page	View side menu and tiles according to your assignments.
	Module landing page	View side menu User assignments link.
Restrict the ability to assign users to the following roles	Add user assignments wizard	Enable roles available to create a user assignment.
	Edit user assignments icon on assignments slide-out panel	Edit icon is available only if roles from list associated with the permission are the only roles on the assignment. If an assignment includes a role that is permitted and a role that is not permitted, you cannot edit the assignment.
	Remove user assignments	Remove icon is available only from roles list associated with the permissions.
Restrict the ability to assign users to only the following reporting tags	Add reporting tags dialog box in User assignments	Can only assign the selected reporting tags to users.

Template Permissions

Permission	Page	Permitted Actions
Create and edit templates	Templates manager forms	Create a new form. Edit a form. Copy a form. Inactivate a form. Delete a form.
	Templates manager tasks	Create a new task. Edit a task. Copy a task. Inactivate a task. Delete a task.
	Form builder	Use all functions including form flows.
	Task builder	Use all functions including form flows.
	Compliance landing page	View side menu and tiles according to your assignments.
	Module landing page	View side menu Templates manager link.

Read only role

The Make this role read only check box is at the bottom of the Add role or Edit role dialog boxes.

Permission	Page	Permitted Actions
Make this role read only	Compliance landing page	View side menu and tiles according to your assignments.
	Module landing page	View links. View forms. View tasks. To-do list is not shown because forms and tasks cannot be assigned.
	Events page	View events according to your assignments. View information side panel. Cannot enter information in fields.
	Tasks page	View tasks according to your assignments. View information side panel. Cannot enter information in fields.

Dashboard Permissions

Your project’s home landing page dashboard will always show the Compliance option on the left side bar menu and the Compliance tile on the dashboard, regardless of a user’s permissions.

If you click on the Compliance tile or select Compliance from the side bar menu, and do not have the applicable Compliance permissions assigned within Compliance, a message will appear requesting you to coordinate permissions setup with your Admin.

Permissions Workflow

The following diagram maps out the Compliance permissions workflow phases.

Compliance Permission Phases

#	Phase	Module	Definition
	Implementation Phase	Platform and Compliance	The process for creating Platform and Compliance permissions in the InEight cloud platform.
1	Platform Account Admin access	Platform	Dev Ops and other Account Admin roles have Compliance permissions, allowing for full open access into Compliance. Suite administration > Roles and permissions.
2	Compliance role creation in Platform	Platform	The Account Admin creates Compliance Module Admin Level 3 roles for Compliance module specific administration. This is specific to the roles’ discipline. Examples: Safety Dept Administrator Quality Dept Administrator Environmental Dept Advisor Compliance Product Administrator The Account Admin changes the settings for the Safety Dept. Administrator to have View safety module and Edit safety module access. Suite administration > Roles and permissions
3	Compliance Admins created to facilitate administration of product	Compliance	Compliance Module Admin creates the Compliance Administrators, who facilitate the administration of the Compliance product. Allows for ability to make other Compliance assignments.
4	Admins are created within Compliance at lower levels	Compliance	You can use the seated Administration role for providing role access. Compliance Admins are created within Compliance at lower levels of the organization to facilitate administration of the product.
5	Compliance must have roles & assignments per module	Compliance	You can use the seated Reporter role for the activity of filling out forms. Other (limited access) role options available based on your business needs. Compliance must have roles and assignments within Compliance in each module being utilized.

Permissions Workflow Diagram

Implementation Phase Setup & Activities

The Compliance Implementation phase for InEight cloud platform involves setting up permissions and roles for your Compliance users, in both Platform and in Compliance.

Step 1: Platform Account Admin Access

The Level 3 – Account Admin roles first need to possess Level 3 – Account Admin level access.

Platform Account Administrators need to have Level 3 – Account Admin permissions to be able to grant access to the Compliance Admins such as the Safety and Quality Dept Admins. You can edit the Level 3 roles in Suite administration > Roles and permissions by selecting Account Administrators and clicking on the change icon.

If a Platform Account Administrator does not have Level 3 – Account Admin access, click the check box next to the name of the role and select change.

Scroll down the screen to select the Organization and project menu to view the Compliance settings permissions.

Compliance does not have its own menu under Permissions. The Compliance settings are located under the Organization and project menu.

The Platform Account Administrator needs to then navigate into the Suite Administration > Add or Edit Role > Suite Administration > Compliance setting to adjust Administrator level to Level 3, then grant access to both View and Edit all modules. By selecting both permissions, it will override all permissions that are set within Compliance.

The typical Compliance user does not need a Platform permission to be able to get into Compliance.

Step 2: Compliance Role Creation in Platform

When the Platform Account Administrators have the proper Platform Compliance permissions, they can create or modify the roles for the specific Compliance Module administrators. The Platform Account Administrator needs to create specific Compliance module-based roles in Platform that resemble the type of work being done in Compliance.

For example, in Suite administration > Roles and permissions, the Platform Account Administrator may want to create a role for the Safety Director in Platform and grant View safety module access along with Edit safety module access.

The Safety Director - Admin role needs the following access settings:

The users in these roles will typically not be administering Compliance daily. This activity would be a role within Compliance.

The reasons for creating the Compliance Admin roles are to:

• Allow for organizational management
• Bypass Compliance permissions
• Keep security within the modules to appropriate personnel

Step 3: Compliance Admins Created to Facilitate Administration of Product

This role is responsible for setting up Compliance, defining process, and administering Compliance daily per the organizational assignment. When the Compliance Module Administrator roles are created, they can now go into Compliance and assign the organization user responsible for creating and assigning Compliance permissions.

In the previous step, the Safety Director was granted access to both View safety module and Edit safety module. The Safety Director can now navigate to the landing page and navigate to Settings.

The Safety Director can then select the Compliance settings.

The Safety Dept Administrator is now in the Module Summary within Compliance, with the goal of altering permissions. Steps 4 and 5 will describe functions for the roles of a Compliance Admin and a Reporter.

The Safety Department Administrator is responsible for maintaining all of the higher-level settings within Compliance, which includes the highlighted settings below.

Step 4: Compliance Admins Created at Lower Levels

This Compliance Administrator is responsible for administering Compliance on a daily basis per the organizational assignments. After this role is created, the Compliance Admin can then create roles in Compliance for other users. This could include other administrators at lower levels, reporters, form creators, etc. This role could also create role permissions that then create other role permissions.

After selecting Roles, you see a list of Compliance roles. All of these roles can be created and modified by the Compliance Administrator which is a seated role. You can also create other roles for different Compliance activities.

The Administrator and Reporter roles are both seated roles. All other roles are customer created.

By clicking on the Name, the (Compliance) Administrator has access to every permission available within Compliance.

This includes create/edit roles, and to create and edit user assignments. This role is intended to have full access to Compliance module permissions as shown under Roles/Users permissions.

Step 5: Compliance Roles & Assignments Per Module

Other roles within Compliance can have limited access to perform job specific roles, just like the seated role called Reporter.

The (Compliance) Reporter role has very limited access. The primary role for Reporter is to fill out forms within Compliance. Other roles can be created at this level with various role permissions.

Other limited roles could include job functions like:

• Crane Manager – manager of the crane group, can delete crane items
• Form Creator – can create and modify forms

The Read Only Roles comes automatically with Compliance to allow users to access the system but not perform action as such as filling out forms or tasks. You can also turn any role into a read only role which enable the role permission to view anything within their assignment(s).

Step by Step — Create Read only Access