Knowledge Base / FAQ
Frequently Asked Questions
What are group policies and how to use them?
Only accessible to super-administrator
The super administrator can define ONE member group to manage user’s general permissions (confidentiality).
By default there is only the Full Access group. Additional groups can be added.
Go to: Admin > Users & Staff > Manage group policies.
Group rules can be defined to manage user’s module access, based on several options:
As of version 5.4 you can block a group from seeing Full Access records as seen in the image below.
F: Full Access
V: View only – User access to the module is limited to only view/show data.
B: Block access – Users can’t enter into the respective module. Blocked users will see that the module exists.
You can manage storage visualization (options view only) and the access to the storage browser. If you want to restrict storage browser access, select: Block access to Storage Browser
When you create a group with view only access, you can check the storage box to allow users to see the storage positions and locations for module records. The four options at the bottom work in combination with the selection of F, V, B permissions.
Groups can also be defined in a way to filter data access between groups:
- Group sees ALL
- Group sees ALL except storage
- Group sees ONLY its own data
- Group sees ALL orders
Records made by users not affiliated to a group will not be restricted and will remain visible to ALL users in any group. The super-admin does not belong to any group.
From version 5.3, add-ons can also have a restricted access: F: Full Access or B: Block access – Users can’t enter into the respective add-on.
Permissions can be changed at any time through this menu.
Search filters also use these group definitions to help filter data by group.
Super-administrator can assign master administrators to the groups under Admin > Users & Staff > Manage Users. These administrators can create and manage lab members and user accounts for their own group.
Since version 5.3, super-administrator and group master administrators can apply more than one group to a user.
Version 5.4 allows users to choose which of their groups they want to share data with on a record-by-record basis. If a user is in more than one group then their data is shared with all those groups by default. The user can otherwise choose particular groups from the Share dropdown while creating or editing a record.
Version 5.4 also allows the administrator to assign a Primary Group to users that are in more than one group. This means that by default their data is shared only with the Primary Group unless they explicitly choose to share individual records with their other group(s) as well.
Once the group is set up, you can also restrict the group to a list of IPs (see KB-56).
You can purchase additional groups if you need more - please contact firstname.lastname@example.org or email@example.com (US and Canada).
Have a question about this article?
Last updated Wed, Mar 28 2018 10:32am