Roles
Roles and permissions are maintained in both InEight Platform and in Compliance respectively. In Platform, they can be accessed by navigating to Suite administration > Roles and permission, and then selecting Organization and project.The setup and design of Compliance’s permissions and roles are different than any other of the InEight cloud platform applications. It is important to know that a Level 3 role (high level permission allowing for the viewing of all modules in Compliance) must be present and maintained correctly in Platform for subsequent users to get added in Compliance.
User Role Definitions
Name | Module | Definition | Examples Names |
---|---|---|---|
Platform account administrators |
Platform |
Account Administrators with Level 3 – Account Admin access. Highest level access with view all modules and edit all modules access. |
Account Administrator Dev/Ops Administrator |
Compliance module administrator |
Platform |
Responsible for creating or modifying the roles for the specific Compliance Admins within each module. |
Safety Dept Administrator Quality Dept Administrator Compliance Product Administrator |
Compliance admins |
Compliance |
Responsible for administering Compliance on a daily basis per the organizational assignments. |
Compliance Administrator |
Compliance roles |
Compliance |
Specific job roles with limited access. |
Form Creator Crane Manager |
Platform Permissions
Platform Account Administrators need to have Level 3 permissions, which allows access into Compliance with the suitable permissions. By default, this is assigned to an Account Administrator and a Dev/Ops role. This permits full open access to view all modules and should be assigned with discretion. During initial setup, a Platform role lower than Level 3 will not have access into Compliance.
Any other permission to get into Compliance, outside of the Level 3 role needs to be obtained within Compliance.
No settings in Platform exist that will allow a level lower than a Level 3 to get into Compliance.
A Compliance menu drop-down option does not exist in the Permissions in Suite administration > Roles and permissions > Permissions.
By default, Platform Account Administrators should already be set up to View all modules (as shown below in the Organization and project > Compliance settings). If checked, these settings override all Compliance level permissions. It is required that first user to log into Compliance be a Level 3 user.
The Platform Account Administrators will then set up a second user in Compliance. As common practice, the second user in Compliance can then start to assign users directly within Compliance.
In general, the average Compliance user does not need a Platform permission to get into Compliance. Users (other than a Level 3 user) are maintained directly in Compliance. A level 3 user assignment overrides all Compliance-level assignments.
Compliance Permissions
Compliance roles are module and Compliance specific. You can set permissions to each role for each module. They are comprised of permissions that you can perform inside of the specific Compliance module.
Within Compliance you can create as many roles as needed to facilitate any process you plan to do within the module. The standard Compliance application comes with the following seated roles:
- Module administrator – gives full access to all the permissions and allows anyone with the role to perform these events or actions
- Reporter – general role that allows anyone within this role to execute forms in any category or project assigned. It does not allow manipulation of other users, role creation, or template creation
- Read only – general role that allows anyone within this role to view events and tasks in any category or project assigned. It does not allow manipulation of other users, roles, templates, events, or tasks
Any created role defaults to reporter permissions until you change it.
The following tables summarize the actions you can take on individual Compliance pages with each permission.
Module Permissions
Permission | Page | Permitted Actions |
---|---|---|
Edit module summary | Module summary |
Add and edit Module name. Add and edit Description. Add and edit Module image. Activate and deactivate module toggle. |
Compliance landing page | View side menu and tiles according to your assignments. | |
Module landing page | View side menu Settings link. | |
Create and edit reporting tags | Module summary | Create and edit tags. |
Manage module organization exclusions | Module summary | Exclude or include any level of an organization or project. |
Create and edit categories | Categories |
Add a category. Edit a category. Inactivate a category. Delete a category. |
Create and edit classifications | Classifications |
Add a classification. Edit a classification. Inactivate a classification. Delete a classification. |
Create and edit statuses | Statuses |
Add a status. Edit a status. Inactivate a status. Delete a status. |
Edit email templates | Email templates | Edit an email template. |
Compliance landing page | Side menu and tiles according to your assignments. | |
Create notifications |
Events list Tasks list |
Create notifications for projects, roles, and users in your assignments. |
Create and edit Inspection and Test Plans | Inspection and test plans | Create and edit inspection and test plans in organizations and projects. |
Create and edit User groups | User groups | Create and edit user groups. |
Event Permissions
Permission | Page | Permitted Actions | |
---|---|---|---|
Edit completed events/tasks |
Events list Tasks list |
Reopen a completed event to pending status. | |
Event (inside) Task (inside) |
Use complete button after a closed event or task is edited. | ||
Edit event/task properties | (The subpermissions below can be selected and deselected after Edit event/task properties is selected.) |
Events list Tasks list Event (inside) Task (inside) |
Edit an event or task in your assignments using the Information slide-out panel. |
Form flow panel on event | Edit any role or user in available steps. | ||
Edit event/task proj/org |
Events list Tasks list Event (inside) Task (inside) |
Edit the Proj/org field of any event or task in your assignments using the Information slide-out panel. | |
Edit event/task category |
Events list Tasks list Event (inside) Task (inside) |
Edit the Category field of any event or task in your assignments using the Information slide-out panel. |
|
Edit event/task due date |
Events list Tasks list Event (inside) Task (inside) |
Edit the Event date and Due date fields of any event or task in your assignments using the Information slide-out panel. |
|
Edit event/task status |
Events list Tasks list Event (inside) Task (inside) |
Edit the Status field of any event or task in your assignments using the Information slide-out panel. | |
Edit event/task Reporter/Responsible party |
Events list Tasks list Event (inside) Task (inside) |
Edit the Reporter and Responsible party fields of any event or task in your assignments using the Information slide-out panel. | |
Edit event/task title |
Events list Tasks list Event (inside) Task (inside) |
Edit the title field of any event or task in your assignments using the Information slide-out panel. | |
Delete events/tasks |
Events list Tasks list |
Delete any event in assignments area. | |
Only provide access to own forms/tasks on the event/task list (Select one or more categories from the drop-down list) |
Events list Tasks list |
View only events where you are a reporter. You cannot see any other events or tasks you did not initiate as a reporter. | |
View deleted categories in the event/task list |
Events list Tasks list |
Filter to show inactivate categories. | |
Copy events/tasks from event/task lists |
Events list Tasks list |
Copy an event or task. You cannot copy an event with form flow. | |
Allow access to event/task history (Select one or more categories from the drop-down list) |
Event and task information panel | View the history of the event or task. |
Roles/Users Permissions
Permission | Page | Permitted Actions |
---|---|---|
Create and edit roles | Roles |
Add a new role. Edit a role. Copy a role. Delete a role. |
Add role dialog box |
Add a name. Add description. Select active check box. Add all permissions. |
|
Edit role dialog box |
Edit a name. Edit description. Select active check box. Edit all permissions. |
|
Compliance landing page | View side menu and tiles according to your assignments. | |
Module landing page | View side menu Roles link. | |
Create and edit user assignments | User assignments |
Add a new assignment. Edit an assignment. Copy an assignment. Inactivate an assignment. Delete an assignment. Transfer user assignments. Create a user group. |
Compliance landing page | View side menu and tiles according to your assignments. | |
Module landing page | View side menu User assignments link. | |
Restrict the ability to assign users to the following roles | Add user assignments wizard | Enable roles available to create a user assignment. |
Edit user assignments icon on assignments slide-out panel | Edit icon is available only if roles from list associated with the permission are the only roles on the assignment. If an assignment includes a role that is permitted and a role that is not permitted, you cannot edit the assignment. | |
Remove user assignments | Remove icon is available only from roles list associated with the permissions. | |
Restrict the ability to assign users to only the following reporting tags | Add reporting tags dialog box in User assignments | Can only assign the selected reporting tags to users. |
Template Permissions
Permission | Page | Permitted Actions |
---|---|---|
Create and edit templates | Templates manager forms |
Create a new form. Edit a form. Copy a form. Inactivate a form. Delete a form. |
Templates manager tasks |
Create a new task. Edit a task. Copy a task. Inactivate a task. Delete a task. |
|
Form builder | Use all functions including form flows. | |
Task builder | Use all functions including form flows. | |
Compliance landing page | View side menu and tiles according to your assignments. | |
Module landing page | View side menu Templates manager link. |
Read only role
The Make this role read only check box is at the bottom of the Add role or Edit role dialog boxes.
Permission | Page | Permitted Actions |
---|---|---|
Make this role read only | Compliance landing page | View side menu and tiles according to your assignments. |
Module landing page |
View links. View forms. View tasks. To-do list is not shown because forms and tasks cannot be assigned. |
|
Events page |
View events according to your assignments. View information side panel. Cannot enter information in fields. |
|
Tasks page |
View tasks according to your assignments. View information side panel. Cannot enter information in fields. |
Dashboard Permissions
Your project’s home landing page dashboard will always show the Compliance option on the left side bar menu and the Compliance tile on the dashboard, regardless of a user’s permissions.
If you click on the Compliance tile or select Compliance from the side bar menu, and do not have the applicable Compliance permissions assigned within Compliance, a message will appear requesting you to coordinate permissions setup with your Admin.
Permissions Workflow
The following diagram maps out the Compliance permissions workflow phases.
# | Phase | Module | Definition |
---|---|---|---|
|
Implementation Phase |
Platform and Compliance |
The process for creating Platform and Compliance permissions in the InEight cloud platform. |
1 |
Platform Account Admin access |
Platform |
Dev Ops and other Account Admin roles have Compliance permissions, allowing for full open access into Compliance. Suite administration > Roles and permissions. |
2 |
Compliance role creation in Platform |
Platform |
The Account Admin creates Compliance Module Admin Level 3 roles for Compliance module specific administration. This is specific to the roles’ discipline. Examples:
The Account Admin changes the settings for the Safety Dept. Administrator to have View safety module and Edit safety module access. Suite administration > Roles and permissions |
3 |
Compliance Admins created to facilitate administration of product |
Compliance |
Compliance Module Admin creates the Compliance Administrators, who facilitate the administration of the Compliance product. Allows for ability to make other Compliance assignments. |
4 |
Admins are created within Compliance at lower levels |
Compliance |
You can use the seated Administration role for providing role access. Compliance Admins are created within Compliance at lower levels of the organization to facilitate administration of the product. |
5 |
Compliance must have roles & assignments per module |
Compliance |
You can use the seated Reporter role for the activity of filling out forms. Other (limited access) role options available based on your business needs. Compliance must have roles and assignments within Compliance in each module being utilized. |
Permissions Workflow Diagram
Implementation Phase Setup & Activities
The Compliance Implementation phase for InEight cloud platform involves setting up permissions and roles for your Compliance users, in both Platform and in Compliance.
Step 1: Platform Account Admin Access
The Level 3 – Account Admin roles first need to possess Level 3 – Account Admin level access.
Platform Account Administrators need to have Level 3 – Account Admin permissions to be able to grant access to the Compliance Admins such as the Safety and Quality Dept Admins. You can edit the Level 3 roles in Suite administration > Roles and permissions by selecting Account Administrators and clicking on the change icon.
If a Platform Account Administrator does not have Level 3 – Account Admin access, click the check box next to the name of the role and select change.
Scroll down the screen to select the Organization and project menu to view the Compliance settings permissions.
Compliance does not have its own menu under Permissions. The Compliance settings are located under the Organization and project menu.
The Platform Account Administrator needs to then navigate into the Suite Administration > Add or Edit Role > Suite Administration > Compliance setting to adjust Administrator level to Level 3, then grant access to both View and Edit all modules. By selecting both permissions, it will override all permissions that are set within Compliance.
The typical Compliance user does not need a Platform permission to be able to get into Compliance.
Step 2: Compliance Role Creation in Platform
When the Platform Account Administrators have the proper Platform Compliance permissions, they can create or modify the roles for the specific Compliance Module administrators. The Platform Account Administrator needs to create specific Compliance module-based roles in Platform that resemble the type of work being done in Compliance.
For example, in Suite administration > Roles and permissions, the Platform Account Administrator may want to create a role for the Safety Director in Platform and grant View safety module access along with Edit safety module access.
The Safety Director - Admin role needs the following access settings:
The users in these roles will typically not be administering Compliance daily. This activity would be a role within Compliance.
The reasons for creating the Compliance Admin roles are to:
- Allow for organizational management
- Bypass Compliance permissions
- Keep security within the modules to appropriate personnel
Step 3: Compliance Admins Created to Facilitate Administration of Product
This role is responsible for setting up Compliance, defining process, and administering Compliance daily per the organizational assignment. When the Compliance Module Administrator roles are created, they can now go into Compliance and assign the organization user responsible for creating and assigning Compliance permissions.
In the previous step, the Safety Director was granted access to both View safety module and Edit safety module. The Safety Director can now navigate to the landing page and navigate to Settings.
The Safety Director can then select the Compliance settings.
The Safety Dept Administrator is now in the Module Summary within Compliance, with the goal of altering permissions. Steps 4 and 5 will describe functions for the roles of a Compliance Admin and a Reporter.
The Safety Department Administrator is responsible for maintaining all of the higher-level settings within Compliance, which includes the highlighted settings below.
Step 4: Compliance Admins Created at Lower Levels
This Compliance Administrator is responsible for administering Compliance on a daily basis per the organizational assignments. After this role is created, the Compliance Admin can then create roles in Compliance for other users. This could include other administrators at lower levels, reporters, form creators, etc. This role could also create role permissions that then create other role permissions.
After selecting Roles, you see a list of Compliance roles. All of these roles can be created and modified by the Compliance Administrator which is a seated role. You can also create other roles for different Compliance activities.
The Administrator and Reporter roles are both seated roles. All other roles are customer created.
By clicking on the Name, the (Compliance) Administrator has access to every permission available within Compliance.
This includes create/edit roles, and to create and edit user assignments. This role is intended to have full access to Compliance module permissions as shown under Roles/Users permissions.
Step 5: Compliance Roles & Assignments Per Module
Other roles within Compliance can have limited access to perform job specific roles, just like the seated role called Reporter.
The (Compliance) Reporter role has very limited access. The primary role for Reporter is to fill out forms within Compliance. Other roles can be created at this level with various role permissions.
Other limited roles could include job functions like:
- Crane Manager – manager of the crane group, can delete crane items
- Form Creator – can create and modify forms
The Read Only Roles comes automatically with Compliance to allow users to access the system but not perform action as such as filling out forms or tasks. You can also turn any role into a read only role which enable the role permission to view anything within their assignment(s).