Purpose

This form is used to apply Communications restrictions to a Security Role.

SubSystem

Security

This page is accessed in context from SECF0063. Note that these restrictions can only be applied to Security Roles not to users, hence this form cannot be accessed via SECF0062.

It allows an administrator to control the actions that users with a particular Security Role can perform on Communication Types of particular Communication Categories. Until restrictions are applied via this form, a security role will have no restrictions relating to any of the Communication Categories defined to this Security Role (except where a VIEW-COMC Advanced Function has been applied to the Security Role).

An administrator can select the Communication Categories that a Role requires specific access to. For each Communication Category selected, the administrator can specify if the role can: 

• Create communication types in the category
• Edit the communication types in the category
• Delete the communication types in the category
• View the communication types in the category
• View communication items created in the category
• Edit communication items created in the category
• Approve communication items created in the category
• Reject communication items created in the category

The administrator can also use a single check box to include all Communication Categories against a role for viewing only, rather than selecting one category at a time. This applies an Advanced Function of VIEW-COMC to the Security Role. If this is the only restriction granted to a user, then the user will have access to view all communication types and tags for all categories. This role may be used for a user that needs to view historical communication items for a person.
This form works as other restrictions forms work in Callista in that the level of access is restricted to what is specified against a role. If no category is specified against a role then a user with that role has access to all categories. That user has ultimate control over creating, editing, deleting and viewing communication types as well as viewing, editing, approving and rejecting all communication items.

Where a Communication Restriction is not applied against a user and this user should not have access to communication functions, then the administrator can control this by restricting access to the relevant Web pages.

The Security Role block contains:

• Security Role:
• Creation date:
• Description:

Rules/Notes:

Details of the context Security Role are passed from SECF0063 and cannot be edited.
To query for a different Security Role, go back to SECF0063.

The Security Role Communication Category Restriction block contains:

• View Only All Communication Categories check box
• Communication Category
• Description
• Create check box
• Edit check box
• View check box
• Delete check box
• Approve check box
• Reject check box

Rules/Notes:

Check boxes on the Communication Category rows indicate if a user with that Security Role has the ability to perform that action on communication items in that communication category.

If there are permissions granted from several categories for the same Communication Type and/or tag, then the level of access granted defaults to the highest level set in the categories.

The View Only Access lamp displays if the View Only All Communication Categories check box is selected.

When the View Only All Communication Categories check box is selected, a warning that this action will remove any existing communication category restrictions and create restrictions for all open communication categories with ‘View Only’ access, is displayed.

Where the ‘View all Communication Categories’ check box is selected, the ability to add individual communication categories to the role will be disabled

When the ‘View all Communication Categories’ check box is de-selected a warning is displayed that the View Only access for all communication category restrictions will be removed. If a VIEW-COMC Advanced Function applies to this Security Role then that is also removed.
After saving this deselection, restrictions can then (and may need to) be applied to any open communication categories for this Security Role.

A Communication Categories record cannot be saved with no restrictions check boxes being set. This represents a non-restricted record. Either the details must be modified or the record removed.

When any of the Create, Edit, Delete, Approve or Reject check boxes are selected, the View check box must also be selected.

When the Create check box is selected, the Edit check box must also be selected.

To apply communications restrictions to a security role:

• Go to SECF0063 and query for the required security role.
• Click on the Communications Restrictions button to open this form with the Security Role in context.
• To make all Communication Categories 'View only' for this Security Role click on the View Only check box and save.
• To apply particular restrictions to a communication category, select that Communication Category using the LOV and then deselect the appropriate restriction check box(es) as required and save.

Rules/Notes:

Note the validations above that apply to the Security Role Communication Category Restriction block.