Skip to main content

Permissions in user views

Simon Forey
Updated

Overview

Effective from EB360 3.9 roles that have the ability to create and edit user views have a number of options that dictate what others users can do and see with those views. This page discusses the options you have.

Role centric configuration

Any permissions you configure are based on roles (rather than individual users).  See here for more details on roles in EB360

What user roles are available in EB360?

 

Permissions in user views

On all user views users with access can define roles that can:

  • View User view, this dictates which roles can see the view in the left hand hierarchy.

  • Edit User View, determines which roles can make changes to the configuration of the user view.  if a role cannot edit a view they cannot get to and save the view settings.

An example of these settings can be seen below:

user defined task view.png

Managed Third party user views

In addition to the standard user view permissions, designers of Managed Third party views can also:

  • Restrict which roles can Change the filter settings

  • Restrict which roles can edit the column settings

If this are left as Basic roles only then note that any user can essentially change the settings to show all third parties and all column based data (so essentially most data in the platform).

 

Event Log User Views

In addition to the standard user view permissions, designers of Event log views can also:

  • Restrict which users can edit the Filter settings

 

 

Access is restricted but data is not

Note that the permissions do not restrict access to data as such.  This is important in that:

  • Data in dashboard widgets, any data that is driving dashboard widgets are not filtered on permissions.  So for example if a dashboard widget shows the status of all completed Due Diligence Questionnaires (DDQs), then it will be across all Third parties, not just on third parties a selected user might see due to another user view existing.  Given these widgets have drill through functionality, they will also be able to get to their detail.

  • Event Logs, events logs contain a myriad of information about things which have happened on the platform.  If a user can get to an event log view, then they will be able to see all events based on the event log filters.   Some of these may contain descriptions which expose more information than you would like to a basic user.

  • Managed Third party views, designers of Managed third party views can restrict the columns and filter settings so there should be no additional data concerns when basic users can see these views.
  • Task Views, tasks are permissioned via Task Templates, the same restrictions which apply for the standard task view apply to user defined task views. 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.