Setting Up Access Permissions for Scheduler
You can set the following access permissions for organizations, users, roles, facility groups, or facilities.
- Access permissions
- Add permissions
- Change permissions
- Delete permissions
The permissions for scheduler vary by the security model applied to the scheduler.
The default setting is set to "REVOKE (All users have access except users on list)". Therefore, all users are allowed to view, add, change, or delete schedulers.
For information on permissions, refer to User Rights and Prioritized Access Permissions.
The permissions that you set for schedulers for departments apply to the department schedulers and to the schedulers of users who belong to the departments.
The permissions that you set for facility groups apply to the facilities that belong to the groups.
For example, if a facility group named "Conference rooms" has two facilities such as Seminar room and Conference room 1, the access permissions set for "Conference rooms" will also be applied to the Seminar room and Conference room 1.
Setting User Rights
The example shows how to set access permissions when the security model is "GRANT (Only users on list have access)".
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Scheduler.
-
Click Edit user rights.
-
On the "Edit user rights" screen, select organizations, users, roles, facility groups, or facilities to set.
-
On the "User Rights List" screen, confirm that the security model is "GRANT (select target allowed)".
If the security model is set as "REVOKE (All users have access except users on list)", click Change to change the setting to "GRANT (Only users on list have access)". For details, refer to Changing the Security Model. -
Click Add.
-
On "Add new entry" screen, select the organization, user, or role to set permissions, and click Add.
To select a role, switch the view to the "Roles" tab.
After you click "Add" then click the tab, the selected organizations, users, or roles before you switch tabs are cleared. -
Under "User rights", select the checkboxes of the permissions to allow, and then click Add.
Combination of User Rights
When actions on Scheduler are controlled by user rights, the Scheduler screens display only links, buttons, or users on which the login user is allowed to make actions.
a): Facilities that you have access permissions for appointments and can reserve
b): Facilities that you have access permissions for appointments but cannot reserve
refer to When Facility Groups and Facilities Have Different Access Permissions for information on which access permission override when you have access permissions to a facility and a facility group that the facility belongs.
When both a user and an organization/role to which the user belongs have access permissions to the user's Scheduler, the access permission of the user has the priority. For details, refer to When Organizations, Users, and Roles Have Different Permissions.
If the security model is "GRANT (Only users on the list have access)"
The example shows that the case in which the access permission security model for the conference room 1 is "GRANT (Only users on list have access)".
- Example of allowing Daisuke Kato to perform all the actions on Conference room 1:
Grant Daisuke Kato permissions to view, add, change, and delete appointments. - Example of allowing Daisuke Kato to perform only view scheduler action:
Grant Daisuke Kato a permission to view items. - Example of allowing Daisuke Kato to perform add appointment actions on Conference room 1:
Grant Daisuke Kato permissions to view and write appointments. - Example of allowing Daisuke Kato to perform change appointment actions on Conference room 1:
Grant Daisuke Kato permissions to view, add, and change appointments. - Example of allowing Daisuke Kato to perform delete appointment actions on Conference room 1:
Grant Daisuke Kato permissions to view and delete appointments. - Example of prohibiting Daisuke Kato to perform all the actions on Conference room 1:
Delete Daisuke Kato from the user rights list.
If the security model is "REVOKE (All users have access except users on the list)"
The example shows that the case in which the access permission security model for the conference room 1 is "REVOKE (All users have access except users on list)".
- Example of prohibiting Daisuke Kato to perform all the actions on Conference room 1:
Delete permissions to view, add, change, and delete appointments from Daisuke Kato. - Example of prohibiting Daisuke Kato to perform add appointment actions on Conference room 1:
Delete a permission to add appointments from Daisuke Kato. - Example of prohibiting Daisuke Kato to perform change appointment actions on Conference room 1:
Delete permissions to add and change appointments from Daisuke Kato. - Example of prohibiting Daisuke Kato to perform delete appointment actions on Conference room 1:
Delete a permission to delete appointments from Daisuke Kato. - Example of allowing Daisuke Kato to perform all the actions on Conference room 1:
Delete Daisuke Kato from the user rights list.
Changing User Rights
Change access permissions granted to users and organizations.
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Scheduler.
-
Click Edit user rights.
-
On the "Edit user rights" screen, select organizations, users, roles, facility groups, or facilities to set.
-
On "User Rights" screen, click "Edit" for the user rights to change.
-
On "Edit user rights" screen, you can change the user rights as needed.
-
Confirm your settings and click Save.
Deleting User Rights
Delete access permissions granted to users and organizations.
If you delete user rights, actions that users can perform changes as follows depending on the security model:
- If the security model is "GRANT (Only users on list have access)":
Users who were deleted the user rights or users who belonged to the organizations or roles that lost user rights no longer be able to work with items they previously could. - If the security model is "REVOKE (All users have access except users on list)":
Users who were deleted the user rights or users who belonged to the organizations or roles that lost user rights can now work with items they prohibited to use.
Selecting and Deleting User Rights
Select and delete user rights.
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Scheduler.
-
Click Edit user rights.
-
On the "Edit user rights" screen, select organizations, users, roles, facility groups, or facilities to set.
-
On "User Rights" screen, select the checkbox for the user rights to delete, and then click "Delete".
-
Click Yes on "Delete user rights" screen.
Deleting All User Rights
Delete all user rights.
-
Click the administration menu icon (gear icon) in the header.
-
Click Garoon System Administration.
-
Select "Application settings" tab.
-
Click Scheduler.
-
Click Edit user rights.
-
On the "Edit user rights" screen, select organizations, users, roles, facility groups, or facilities to set.
-
On "User rights" screen, click "Delete all".
-
Click Yes on "Delete all user rights" screen.