Security Setup
Last Updated: 8/22/14
Security Setup |
|
There are three main parts to setting up security levels in Chronicle:
Set up security levels for each employee.
Set up the security levels for different types of actions in Chronicle.
If needed, identify exceptions to these security rules. (That is, you can give specific employees with lower security levels access to certain higher level options without giving them access to all higher level options.)
1. |
Click on the Chronicle icon in the upper left corner of Chronicle. This is your tools list. Select Main System Setup If Main System Setup isn’t in listed under Tools; see Adding Main System Setup to Your Tools List. |
2. |
In the list of tabs on the left, click Security to get to the security setup. (Show/hide screen) There are four tabs within the security setup. The What Each Level Can Do tab lets you set the security levels for different options in Chronicle. It also lets you identify exceptions, that is, employees who can use the corresponding options even if their security levels are lower than the level set for the option. The Employee Security Levels tab lets you change security levels for your employees. |
You can set or change security levels in the personal information for each employee when you add the employee and from the employee profile screen, but the setup option lets you see and adjust security levels for all of your employees at once.
1. |
On the Security tab in the Setup, click the Employee Security Levels tab. (Show/hide screen) |
2. |
Double-click the employee to change the security level for. You could also click the employee and then click the Edit Employee Security Level button above the list. |
3. |
Pick the appropriate security level and then click Next. (Show/hide screen) You can’t assign anyone a higher security level than your own, and you can’t change the security level for anyone with a higher security level than yours. |
Typically, security levels are assigned like this:
For this role: |
Use this security level: |
Owner |
7 |
office manager/production manager |
6 |
estimator/project manager |
5 |
office staff |
3-4 |
technician/laborer |
2 |
non-employee (limited access) |
1 |
no Chronicle access |
0 |
You can change the security levels for various types of options in Chronicle:
1. |
On the Security tab in the Setup, click the What Each Level Can Do tab. (Show/hide screen) |
2. |
Double-click the security context to change the security level for. You could also select the security context and click Edit Context Security Level. For details on what each context controls, see What Different Security Contexts Control. |
3. |
Pick the appropriate security level and then click Ok. |
Suppose you want your level 2 assistant, Sam, to add job events to the calendar and change calendar events for you (options that typically require security levels of 3 and 5), but you don’t want him to have access to other higher level options (and you don’t want other level 2 employees to use these options). You would simply identify Sam as an exception for those two options, meaning that he could use those options even though his security level is below what is usually required. To do this:
1. |
On the Security tab in the Setup, click the What Each Level Can Do tab. (Show/hide screen) |
2. |
Click the security context to make an exception for. For details on what each context controls, see What Different Security Contexts Control. |
3. |
On the right side of the screen, click Change Exceptions. Chronicle lists all of your employees. (Show/hide screen) |
4. |
Check the box next to each employee that you want to be able to use options controlled by the context you selected. Uncheck anyone who you no longer wish to be an exception. |
5. |
After you’ve checked every employee that you want to be an exception for this context, click Next. |
Here is a summary of the main parts of the program that different security contexts affect:
Security Context |
Parts of Chronicle this context affects |
ADDJOBCALENDAR |
Add an event to a calendar for a job. |
ALLACCOUNTINGVIEW |
View any information on the financial tab, management graphs, and Profitability Snapshot. |
ALLJOBVIEW |
|
EDITDEPARTMENT |
Add or change departments in the setup. This also controls whether you can delete required documents from the list in the setup. |
EDITEVENT |
Change or reschedule any event on the calendar. |
EDITMASTERREPORT |
Change Data Views (not something you want to mess with anyway). |
EDITPAGERSERVICE |
|
EDITPASSWORD |
Change a password for someone other than yourself if you don't know that user's password. |
EDITSYSTEMCATEGORY |
Add, change, or delete categories in the setup. |
EDITSYSTEMPANEL |
Edit system panel pages, that is the panels that all users see if they haven’t created their own custom panels. |
EDITSYSTEMTYPE |
|
EDITTEMPLATE |
|
LABORENTRYDELETE |
|
LABORENTRYFORANOTHER |
Enter or look at labor hours for anyone other than oneself. |
ORDERAPPROVAL |
|
PAYABLEVIEW |
Look at payable information (available under Other Views on the Financial tab). |
PAYRATECHANGE |
Change an employee's pay rate and other information on the H/R tab for an employee. (If an employee’s security level is lower than this, the pay rate doesn’t appear at all in the employee’s H/R tab.) |
PAYROLLVIEW |
Look at or print the payroll report. |
PERSONALINFOVIEW |
Look at the Additional Info tab within the Personal Profile Info for a person. (This tab contains the SSN and driver’s license number.) |
SUPERVISOREDIT |
Change an accounting ID, change a job’s billing or collections departments, add or change activities in the setup, delete surveys, delete questions from surveys, delete or rename document templates, change an activity’s completion date, delete an activity from a job, change or delete equipment, change a person’s security level, make a person inactive (that is, deleted) |
VIEWBUDGET |
Look at a job’s budget. |
VIEWBUDGETLOG |
|
VIEWEMPLOYEEJOURNAL |
Use the journal manager (lets managers see all journals written by everyone during a particular date range), look at the journals for another employee. |
VIEWJOBLABOR |
See the list of all labor hours for a job. |
Controls whether you can look at what's on the PO tab in the job file and use the Purchase Order Manager. |
|
JobPOAddEdit |
Controls whether you can add PO's and edit PO's you've added. (This doesn't let you change approved or paid PO's unless you also meet the security level to approve/mark paid.) |
JobPOEditIfByAnother |
Controls whether you can change PO's someone else has added. |
JobPODelete |
Controls whether you can delete and undelete PO's. |
JobPOApprove |
Controls whether you can approve PO's and edit approved PO's. |
JobPOMarkPaid |
Controls whether you can mark PO's paid and edit paid PO's. |
|
|
|
|
If you don’t want someone using any options in Chronicle, you simply wouldn’t give access to the program. Certain parts in Chronicle are considered common to all users, so they have no security context at all. Anyone who can get into the program can:
Add documents and journal entries.
Assign tasks or reminders for yourself or others.
Read and send email.
Associate equipment with people or jobs.
Add their own labor.
Journal entries, documents, surveys, and folders are each assigned security levels when they are created. This lets you decide as you create information who should be able to see it. Some journals should only be read by management; others could be relevant to anyone working on the job. To give flexibility here, Chronicle lets you assign a separate level to each of these types of items.
