General Permissions
General permissions cover an assortment of permissions that are applied to the user as a whole. When possible, permissions changes should be made at the user type level as opposed to being overridden at the individual user level. This makes making organization-wide policy changes in permissions much easier.
Additional Resources
- In the Topic of the Day: Permissions Management Webinar, we discuss Projector’s permission structures and help administrators identify efficient ways to model permissions in their organization.
This form is reached from two different areas of Projector. The User Types Editor and the User Editor.
Permissions and Settings
In order to edit general permissions you must have the global permission System Settings set to update.
General Permissions
General permissions cover a hodgepodge or settings. Please see the table below for an explanation of each.
Option | Description |
---|---|
(Allow access to) Web Application | Check to allow the user access to the Projector Web Application. |
(Allow access to) Management Portal | Check to allow the user access to the Management Portal. |
(Allow access to) Web Services & Integration | Enable user access to web services and integration with third-party software, such as CRM and accounting applications. |
Use default tab group | Use the drop down button to select the desired tab group. Tab groups are a predefined set of screens for managing Projector. You can imagine that if you were a project manager in the system then you would probably want to see the projects, time approval, expense approval and report tabs by default. Whereas a finance manager would want to see the invoice tab, expense browser, vendor invoices, and time browser. |
Limit access to projects in time entry, expense entry, and project workspaces | The limit access flag is often set for contractors who should not be able to see information about your installation outside their purview. For example, if you have a contractor working on projects for Client X, you wouldn't want them to see your entire client list. The limit access flag comes into play in specific situations. You should not consider it the "be all and end all" of locking users out of your installation data. If you elevate other parts of their permissions, then these may supersede any limiting imposed by this flag. Users with this flag set will see the following limitations:
Corner case - If limited user is requested on a project, then the project may be added to their timesheet. However, if that role is then booked to any other resource (including unnamed), then adding the project is impossible. |
Include in Project Manager list | Check to include this user in the list of potential project managers wherever Projector requires entry of the name of a project manager. This is a time-saving feature. Thus, even if a user is not designated here as a project manager, you will still be able to assign the user to be the manager of specific projects. Note that this user can be included in the list regardless of their title – meaning that a person in your organization need not have the title of "Project Manager" to have project manager capabilities in Projector. However, the users must also have a resource profile in the engagement cost center or a child of that cost center for them to be displayed in the PM List. |
Use delegated authentication | If Projector has been configured for delegated or external authentication, you can check this box to cause Projector to use the external authentication mechanism to authenticate this user or uncheck it to cause Projector to use its own authentication mechanism. If configured, Projector can consume an external, customer-supplied, web service to authenticate users when they log in to Projector via the management portal or /wiki/spaces/docworkspace/pages/10330963. Please Contact Projector PSA if you want to configure Projector for external authentication or find out more. |
Delegated authentication login name | Enter the login name to be used by this user for delegated/external authentication. |
Single Sign On: | You can optionally enable Single Sign On (SSO). With SSO enabled, a user can log in one time and be authenticated across a variety of applications that they use, including Projector. Projector provides this functionality through any provider that supports SAML 2.0. To learn more about our SSO implementation and how to start using it, please see Single Sign On (SSO) Implementation Guide. Because Projector user types are additive, SSO uses the following order precedence for determining what should be used:
|
Resource can (skills): | Control whether a resource can view and edit their skill levels on the Profile page. Skills are used to make best fit staffing decisions. Select from the following options:
|
Resource can (time off): | Control whether a resource can request time off and whether that request needs approval. These requests are used for scheduling purposes only. That is to say, they are for the future. Resources can always enter time off for the past on their time entry page. For example, requesting future vacation time makes sense. Requesting yesterday because you were sick does not.
|
Resource can (Projector BI): | This option is only available if the Projector BI module is enabled. Each user provisioned for BI incurs an additional monthly cost. See your contract for details. To learn more about Projector BI, visit its /wiki/spaces/docs/pages/12915465.
|
User can (view resource home page) | Control whether a user can view other resources' home page. Manager can be configured at the resource level using the resource editor. In this example here, Steve Rogers is the manager of resource Chris Bradley.
|
User can (view resource time) | Control whether a user can view other resources' reported time on Enter Time and Time Card Search. Manager can be configured at the resource level using the resource editor. In this example here, Steve Rogers is the manager of resource Chris Bradley.
|
Allow resource to request their own time Allow resource to book their own time | These two settings allow a resource to either request or schedule hours for Roles for which they are assigned to. These permissions must operate within the typical permissions structure of Projector. In order to actually edit your hours, the following must be true:
With the necessary permissions, Resources have access to the role landing page via Projects & Planning | Roles. User can request or schedule hours on the Schedule tab of the role landing page. |