About Access Rights

Access rights are very flexible. They allow giving each user tailored access rights to ensure that everyone does what they need to do and cannot access what they should not. Access rights are divided in five categories: Access Levels, Status, Time Entry Mode, User Directory, and Project Access Rights. We also provide, in this section, useful information you need to know about deleting items.

About Account Access Rights

* The account access rights are granted on a per-user basis, in the "Edit User Information" page, which is located under "Administration -> All Users".

The Access Levels are divided in two groups: Administrator and Normal.

Administrator

  • An Administrator has full control on the company's account. Only administrators can see the Administration tab on top, while non-administrators will only see 3 tabs: the “My Office” tab, the "Project” tab, and the “Help” tab. Exclusive actions for Administrators include:
    • Manage all users, import data, delete projects and delete user items.
    • Manage the account information, time types, project types, project priorities, clients, and user groups.
    • Edit and delete timesheets entered by other users, by using the Time Approval module.
    • Open every project and edit its entire content, even if they are not assigned to it.
    • Move tasks into another project.
    • Copy tasks within the same project or into another project.
*** Generally, to ensure optimal security, there should have a limited number of administrators per account.

Normal

  • A normal user's access rights may vary from one project to another.
    • Access rights are given by the project manager or by the administrator, to each user, when he/she is assigned to a project.
    • Once the user has been assigned to the project, he/she will be able to perform actions within that project in accordance with his/her access rights. 
    • Projects that are not assigned to a normal user will not be viewable unless he/she is assigned to them. 
    • Normal users only see 3 tabs in AceProject: My Office, the current project tab, and the Help tab. 
      • The "This user can add a project" access right allows the user to create a blank project or to copy any project template in which the user has been assigned as a project manager.
      • The "Administration - Limited Mode" access right is like an enhanced "project" tab. When this mode is enabled, the "Administration - Limited" tab is displayed on top. It contains features like Gantt charts, time reports or task reports for all the normal user's assigned projects.
        • This access right does not give access to the account or user configuration.
        • This access right grants the "Can Open This Project" access right automatically. In other words, even if a user is assigned to a project but cannot open it, the "Administration - Limited Mode" will give him/her the right to open it. However, the behaviour of the "Project Manager", the "Time Approval" and the "Edit Task Level" access rights will remain the same.

 

The Status access right is used to set whether the user can access AceProject or not.
  • The "Can Login" option is set as default. It allows the user to access the account.
  • The "Can't Login" option is useful to prevent a user from logging in without having to delete that user.
     
The Time Entry Mode access right lets you decide how users will enter their time; it can be manually, automatically or both options combined. The following options are available:
  • "Timesheet + IN/OUT" gives users the flexibility to either enter their time manually or automatically, as mentioned earlier.
  • "Timesheet Only" forces the users to enter their time manually, in the "My Office -> My Timesheets" section. This option disables the IN/OUT module.
  • "IN/OUT Only" forces the users to use the counter to enter their time. To start the counter, the user must open a task and click the "Open IN/OUT" link on top right of the main window. This option ensures efficient monitoring of users, since they cannot edit the time entered afterwards.
  • "Time Entry Disabled" prohibits users from filling out a time sheet either manually or automatically.
     
The User Directory access right is used to set permissions, for the user, in regard to which users will be displayed in his/her user directory. The User Directory is located under the "My Office" tab and displays other users' coordinates, such as phone numbers and email address.
  • "Display All Users" shows all users configured in your account.
  • "Display Only Administrators" shows a list of administrator-level users only.
  • "Users Assigned on the Same Projects" will display a list of all users assigned on the same projects. Users assigned to other projects will not be displayed.
  • "Users in the Same Group" shows users who belong to the same user group. For example, an architect would only see other architects.
  • "Disabled" removes the "User Directory" feature from the left panel, in the "My Office" section. This option is useful if you need to increase confidentiality and hide the user directory for certain users.

 

About Project Access Rights

There are 4 types of access rights to set for a Normal user: Project Manager, Time Approval, Project Access, and Edit Task Level. To grant the project access rights, the project manager must click the project tab, then go to "Configuration -> Assigned Users", and grant project access rights on a per-user basis.

Project Manager

Being a project manager is like holding the passkey to it: you can change everything you want in the project. 

  • Change the project's structure:
    - assign and un-assign users
    - change the users' access rights
    - create/delete task dependencies
    - make changes to task parameters, such as task groups, statuses, types, and priorities

  • Approve or reject time sheets

  • Move tasks into another project.
  • Copy tasks within the same project or into another project.
  • Project Managers automatically get Time Approval and the highest Edit Task Level (D4 - Level 4, Full Control).

Time Approval

The "Time Approval" access right is mainly useful for time management. You can approve or reject time entered for the project by the users. You can also generate time sheet reports for the project. Project Managers automatically get the "Time Approval" access right.

Project Access (Can open this project)

The project access parameter is useful to setup limited access to a project user, for example a client or an outside contractor. If a user cannot open the project, he/she will only be able to see the tasks he/she is assigned to in the "My Office" tab; he/she will not be able to see the project in the project's tab. If the user can open the project, he/she will get access to the project's tab and all other project parameters  (calendars, charts, statistics, time sheets, discussion forums, reports, etc).

Edit Task Levels

Task editing access rights are very flexible. This ensures maximum tailoring to your needs. There are four modes: Read Only, Limited, Partial, and Full Control.

For a better understanding, we made tables to explain Edit Task Levels

A1 - Read Only Task Editing

This is the lowest task editing right. You can only open tasks and consult them. You cannot make changes to, create or delete tasks.

  • You cannot create tasks

  • If you are assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

  • If you are not assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

B1 - Level 1, Limited Task Editing

This access level permits some modifications to a task, only if the user is either assigned to or reviewer for the task. You can add a comment, change the "% done" field and the task status.

  • You cannot create tasks

  • If you are assigned / reviewer on a task:
    - change comments fields, % done, status

  • If you are not assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

B2 - Level 2, Limited Task Editing

This access level includes the B1 access rights plus adding/deleting a file attachment to the task. Here again, these modification rights are only allowed if the user is assigned to the task or is the reviewer for the task.

  • You cannot create tasks

  • If you are assigned / reviewer on a task:
    - change "comments" fields, "% done", "status"
    - add/delete file attachments

  • If you are not assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

C1 - Level 1, Partial Task Editing

Partial task editing permits creating a new task. If you created the task, you can modify every field in it, as well as add or delete a file attachment. 

  • You can create tasks

  • If you are the task creator:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies
    - copy tasks within the same project

  • If you are assigned / reviewer on a task:
    - change "comments" fields, "% done", "status"
    - add/delete file attachments

  • If you are not assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

C2 - Level 2, Partial Task Editing

This access level includes the C1 access rights, plus deleting a task you created. 

  • You can create tasks

  • If you are the task creator:
    - change all fields
    - add/delete file attachments
    - delete your tasks
    - create/delete task dependencies
    - copy tasks within the same project

  • If you are assigned / reviewer on a task:
    - change "comments fields", "% done", "status"
    - add/delete file attachments

  • If you are not assigned / reviewer on a task:
    - Read-only access, no modifications allowed.

D1 - Level 1, Full Control Task Editing

In the Full Control mode, you can make changes to all tasks, regardless of who created it. You can also add or delete a file attachment.

  • You cannot create tasks

  • If you are assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

  • If you are not assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

D2 - Level 2, Full Control Task Editing

This access level includes the D1 rights, plus you can create a new task.

  • You can create tasks

  • If you are the task creator:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies
    - copy tasks within the same project

  • If you are assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

  • If you are not assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

D3 - Level 3, Full Control Task Editing

This access level includes the D2 rights plus you can delete any task you created.

  • You can create tasks

  • If you are the task creator:
    - change all fields
    - add/delete file attachments
    - delete your tasks
    - create/delete task dependencies
    - copy tasks within the same project

  • If you are assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

  • If you are not assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies

D4 - Level 4, Full Control Task Editing

This access level includes the D3 rights, plus you can delete any task, regardless of who created it.

  • You can create tasks

  • If you are the task creator:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies
    - copy tasks within the same project
    - delete tasks

  • If you are assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies
    - delete tasks

  • If you are not assigned / reviewer on a task:
    - change all fields
    - add/delete file attachments
    - create/delete task dependencies
    - delete tasks

 

Things to Know About Deleting Items

For security reasons, we cannot allow you to perform some cascading suppressions, that is deleting an item associated to other items in the system:

  • When deleting a project, you are prompted to choose which parts of the project you wish to delete. Access to project deletion is done through the Administrative Tools page under the "Administration" tab:

    • Time sheets only.

    • Time sheets, discussion forums, tasks and file attachments.

    • The whole project.

    • HINT: You can set a project's status to completed instead of deleting it.

  • Before deleting a task, you must first delete:

    • Its file attachments

    • Any time sheet that refers to the task

    • Any dependency that is linked to another task

    • HINT: You can set a task's status to completed instead of deleting it.

  • Before deleting a user, you must perform these actions:

    • Un-assign the user from all projects

    • Un-assign the user from all tasks OR delete all tasks assigned to the user

    • Delete all time sheets, projects and tasks created by the user

    • Delete all discussion forums the user created or contributed to

    • Delete all messages to and from the user in the message center

    • HINT: You can set a user to "can't login" instead of deleting it.

    • HINT: You can delete a user's messages, timesheets and forum contributions from the Delete User Items tab in the Administrative Tools page.

  • Before deleting a time type, you must first delete:

    • All time sheets associated to it.

  • Before deleting a project type, you must first delete:

    • All projects associated to it.

 

How can a block a user? How can I keep a user from logging in?  
There are two statuses for a user: "can login" and "cannot login." The user status is used to permit or deny the user to login to AceProject. 

 

 


Copyright 2001-2006 Websystems, Inc. All Rights Reserved.