Items to Consider When Setting User Rights
When setting user rights, proceed after considering the following items.
- Users, organizations, and facilities subject to user rights
- Users to be granted user rights
- Types of user rights
- Security model
Users, Organizations, and Facilities Subject To User Rights
Decide in advance to which users, organizations, and facilities you want to grant user rights.
Users can also be selected on an organization or role basis. Facilities can also be selected on an facility group basis.
Users to Be Granted User Rights
Decide in advance the users who will have access to the appointments you want to manage with user rights.
Users can also be selected on an organization or role basis.
Types of Permissions
Decide in advance the user rights you want to grant to the users who will have access to the appointments.
Permissions consist of the following four types:
- Read permission
- Add permissions
- Change permissions
- Delete permissions
Disclaimer
- If the logged-in user is an attendee of an appointment, they can change or delete the appointment even if they have only view permissions.
- An error (GRN_SCHD_13002) will occur when the logged-in user attempts to display the appointment details screen where both conditions apply: the logged-in user is not an attendee of an appointment, and the appointment includes at least one attendee for whom the logged-in user does not have view permission.
Security Model
When setting which users can access appointments, you must first choose whether to "select the target to allow operations" or "select the target to prohibit operations". This feature is called the "Security model".
The method of granting permissions to users will differ depending on the security model you choose.
For details on the security model, refer to the following page.
Security model
For the differences in prioritized permissions based on security models, refer to the following page.
Differences in Prioritized Permissions Based on Security Models
Use Case
For example, suppose that you want to implement a policy where "only executives and secretaries can view the president's appointments".
In this case, set the user rights as follows.
- Select "President" to edit their user rights
- Select "GRANT (Only users on list have access)" in the Security model section
- Select the "Executives" and "Secretaries" roles as the members to whom you want to grant user rights
- Select "Read" as "User rights" (permissions)
With these settings, only "Executives" and "Secretaries" can view the president's appointments. Other users cannot view (read), add, change, or delete the president's appointments.