Access restriction
As well as determining the areas of the system a user can access, the combination of Role and Group are also used to control visibility of cases and case details and the operations that can be performed on a case.
Access to cases
Below are some examples of which cases users have access to based on their Role and Group membership.
All cases access
As an Administrator
I can see all cases of all types as my role has the View all cases
permission.
Group-Service access
As a user belonging to the Complaints
group with the Staff
role, I can see
all complaint cases regardless of whether or not the complaint is assigned to me
or my group because the Complaints
group has access to the Complaints
service.
Group assignment access
As a user belonging to the Parking
group with the Staff
role I can only see
a complaint case if it is assigned to me individually or to the Parking
group
because the Parking
group does not have access to see Complaints
but the
Staff
role allows me to see cases assigned to me or my group.
Direct assignment access
As a Citizen
user, I can only see cases that I have created or that have been
created on my behalf through my Person record where the Case Type has the
Cases visible to associated people option enabled because the Citizen
role can only view cases where they are directly assigned.
Other areas that are permission controlled
Fields
When creating a case field administrators must specify which roles can view the field.
Transitions
When creating a transition administrators must specify which roles can see and trigger the transition.
Case dates
When creating a case date administrators must specify which roles can see the case date.
Case notes
Case notes are visible to Staff and Third Party users only (when using standard role configuration).