Fill out the following fields to create resources access rule:
- Rule Name - pick a name for your rule.
- Grant Full Access - enable to grant full access to all sections of the module to the specified personnel. Disable to specify in two additional fields below, to which resources access will be granted, and to which it will be denied.
- Allow Access To - designate the resources that the specified personnel will have access to.
- Restrict Access To - specify the resources that the specified personnel will not have access to.
- Administrators - specify which singular administrators will be subject to the new rule. If the specific administrator is already included in the group you have picked, you do not need to add them separately.
Note: All restrictions for specific administrators are summed with the restrictions on their role groups, across all rules.
- Administrator Roles - specify which administrator role groups will be subject to the new rule.
Important: When picking specific sections, keep in mind that allowing a parent section will also allow all of its children.
For example by allowing 'Logs' you allow 'Logs → Export,' 'Logs → Delete' etc.'
If you would like to give access to everything about logs, but the ability to delete them, you can pick 'Logs' in 'Allow Access To' and then 'Logs → Delete' in 'Restrict Access To.' Restrict takes precedence over Allow, so if a specific section is included in both, it will be restricted.
|