New Security Roles Coming in 3.19
Published
Building upon the momentum from the last Altru release, I am happy to announce that 4 new system roles are being included in the upcoming Altru release. Our goal is to continue to fill in the security gaps and introduce additional system roles. We tried to balance adding new roles that restricted what users could view within Altru, as well as parse out some rights that you might want to grant to specific users without giving them too much permission.
Unlock User Accounts and Reset Passwords – Let’s suppose it’s the weekend and the person responsible for resetting user passwords and unlocking accounts is home or on vacation. But, someone has forgotten their password and can’t log in, and they need to start selling tickets in a few minutes. No fear, with this new system role, you can assign a specific user, perhaps the head ticket seller, with the right to reset user passwords and unlock accounts. This is perfect for occasions when the System Role Administrator is unavailable. One note about this role, it does not provide rights to add new users.
Adjustable Discounts – This is a great role to use if you want to give a ticket seller rights to do adjustable discounts, but you don't want to give the user the full guest services manager role. This role allows you to grant permission to do adjustable discounts, to the head ticket seller or maybe all ticket sellers, in advance or daily sales.
Restricted Constituent Documentation and Interactions – Use this role to deny users from viewing the Constituent Documentation and Interactions tab on constituent records. For example, a user may need to update addresses and phone numbers on constituent records, but you don’t want them to view sensitive information on the Constituent Documentation and Interactions tab.
Note: The Restricted Constituent Documentation and Interactions role must be used in combination with other roles because it does not grant any features by itself; it only denies features that are granted by other roles.
Restricted Constituent Attributes – Use this role to deny users from viewing the Attributes tab on constituent records. For example, a user may need to update addresses and phone numbers on constituent records, but does not need to view information on the Attributes tab.
Note: The Restricted Constituent Attributes role must be used in combination with other roles because it does not grant any features by itself; it only denies features that are granted by other roles.
I hope you find these new system roles useful, and I would love to hear your thoughts or ideas about potentially new system roles for future development. If you have any ideas, please add them to our community post here. Please be specific as possible with your ideas, and I'll be sure to follow-up with you with any questions or clarification needed.
Unlock User Accounts and Reset Passwords – Let’s suppose it’s the weekend and the person responsible for resetting user passwords and unlocking accounts is home or on vacation. But, someone has forgotten their password and can’t log in, and they need to start selling tickets in a few minutes. No fear, with this new system role, you can assign a specific user, perhaps the head ticket seller, with the right to reset user passwords and unlock accounts. This is perfect for occasions when the System Role Administrator is unavailable. One note about this role, it does not provide rights to add new users.
Adjustable Discounts – This is a great role to use if you want to give a ticket seller rights to do adjustable discounts, but you don't want to give the user the full guest services manager role. This role allows you to grant permission to do adjustable discounts, to the head ticket seller or maybe all ticket sellers, in advance or daily sales.
Restricted Constituent Documentation and Interactions – Use this role to deny users from viewing the Constituent Documentation and Interactions tab on constituent records. For example, a user may need to update addresses and phone numbers on constituent records, but you don’t want them to view sensitive information on the Constituent Documentation and Interactions tab.
Note: The Restricted Constituent Documentation and Interactions role must be used in combination with other roles because it does not grant any features by itself; it only denies features that are granted by other roles.
Restricted Constituent Attributes – Use this role to deny users from viewing the Attributes tab on constituent records. For example, a user may need to update addresses and phone numbers on constituent records, but does not need to view information on the Attributes tab.
Note: The Restricted Constituent Attributes role must be used in combination with other roles because it does not grant any features by itself; it only denies features that are granted by other roles.
I hope you find these new system roles useful, and I would love to hear your thoughts or ideas about potentially new system roles for future development. If you have any ideas, please add them to our community post here. Please be specific as possible with your ideas, and I'll be sure to follow-up with you with any questions or clarification needed.
News
ARCHIVED | Blackbaud Altru® Tips and Tricks
11/14/2014 8:49am EST
Leave a Comment