Setting Security on the New Family page

Question

0

Setting Security on the New Family page

Teresa Bice posted 7 Years Ago

We have a data team that enters all new families, so i don't want the rest of the staff to be able to add new records. It looks like the 'Staff Role' has view only access to the new family page, but when I log in as a staff member, I can add records. How do I limit this to just our data team? Thanks!

Jim Michael · Accepted Answer · 2016-06-24T12:49-07:00

0

Jim Michael replied 7 Years Ago

There are a couple of things here... you are correct that Staff Workers role can add new families by default. It can be confusing, but View rights to the page/block is ALL they need to do this. The "edit" right means the person/role would have the ability to edit the _page_ or _block_, which is not the same as "editing" within the functionality of the block itself.

0:32]

That said, fixing this is pretty easy. 1. Create a new "RSR - Add People" role or whatever you want to call it, and add your data people to it. 2. Go to the New Family page and edit the security on it to allow View to your new role, and also add RSR -Rock Administrator for view/edit, then add an all user DENY entry below that. Now no one but Your Add Family and Admin roles will even see the New Family page in the menu.

10:33]

Note that you could also use the existing Data Integrity Worker as the allowed role on the New Family page if the same people in that role are the ones that should be allowed to add people.

Edit Answer

There
 are a couple of things here... you are correct that Staff Workers role 
can add new families by default. It can be confusing, but View rights to
 the page/block is ALL they need to do this. The "edit" right means the 
person/role would have the ability to edit the&nbsp;<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_page<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_&nbsp;or&nbsp;<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_block<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_, which is not the same as "editing" within the functionality of the block itself. <i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"> <div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782379000333" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;">0:32<i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</a>&nbsp;</div>That
 said, fixing this is pretty easy. 1. Create a new "RSR - Add People" 
role or whatever you want to call it, and add your data people to it. 2.
 Go to the New Family page and edit the security on it to allow View to 
your new role, and also add RSR -Rock Administrator for view/edit, then 
add an all user DENY entry below that. Now no one but Your Add Family 
and Admin roles will even see the New Family page in the menu.<i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"> <div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782419000334" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;">10:33<i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</a>&nbsp;</div> Note
 that you could also use the existing Data Integrity Worker as the 
allowed role on the New Family page if the same people in that role are 
the ones that should be allowed to add people.

<p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block; margin-top: -0.125rem;">There
 are a couple of things here... you are correct that Staff Workers role 
can add new families by default. It can be confusing, but View rights to
 the page/block is ALL they need to do this. The "edit" right means the 
person/role would have the ability to edit the<span class="Apple-converted-space">&nbsp;</span><i style="box-sizing: border-box;"><span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span>page<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span></i><span class="Apple-converted-space">&nbsp;</span>or<span class="Apple-converted-space">&nbsp;</span><i style="box-sizing: border-box;"><span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span>block<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span></i>, which is not the same as "editing" within the functionality of the block itself.</span></p><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block; margin-top: -0.125rem;"><br></span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"><br style="box-sizing: border-box;"></i></p><div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782379000333" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;"><span class="light_only" style="box-sizing: border-box; display: inline;">0:32</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</i></a><span class="Apple-converted-space">&nbsp;</span><span class="message_star_holder" style="box-sizing: border-box;"></span></div><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;">That
 said, fixing this is pretty easy. 1. Create a new "RSR - Add People" 
role or whatever you want to call it, and add your data people to it. 2.
 Go to the New Family page and edit the security on it to allow View to 
your new role, and also add RSR -Rock Administrator for view/edit, then 
add an all user DENY entry below that. Now no one but Your Add Family 
and Admin roles will even see the New Family page in the menu.</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"><br style="box-sizing: border-box;"></i></p><div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782419000334" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;"><span class="light_only" style="box-sizing: border-box; display: inline;">10:33</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</i></a><span class="Apple-converted-space">&nbsp;</span><span class="message_star_holder" style="box-sizing: border-box;"></span></div><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;"><br></span></p><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;">Note
 that you could also use the existing Data Integrity Worker as the 
allowed role on the New Family page if the same people in that role are 
the ones that should be allowed to add people.</span></p><p><br></p>

<p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block; margin-top: -0.125rem;">There
 are a couple of things here... you are correct that Staff Workers role 
can add new families by default. It can be confusing, but View rights to
 the page/block is ALL they need to do this. The "edit" right means the 
person/role would have the ability to edit the<span class="Apple-converted-space">&nbsp;</span><i style="box-sizing: border-box;"><span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span>page<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span></i><span class="Apple-converted-space">&nbsp;</span>or<span class="Apple-converted-space">&nbsp;</span><i style="box-sizing: border-box;"><span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span>block<span class="copyonly" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">_</span></i>, which is not the same as "editing" within the functionality of the block itself.</span></p><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block; margin-top: -0.125rem;"><br></span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"><br style="box-sizing: border-box;"></i></p><div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782379000333" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;"><span class="light_only" style="box-sizing: border-box; display: inline;">0:32</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</i></a><span class="Apple-converted-space">&nbsp;</span><span class="message_star_holder" style="box-sizing: border-box;"></span></div><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;">That
 said, fixing this is pretty easy. 1. Create a new "RSR - Add People" 
role or whatever you want to call it, and add your data people to it. 2.
 Go to the New Family page and edit the security on it to allow View to 
your new role, and also add RSR -Rock Administrator for view/edit, then 
add an all user DENY entry below that. Now no one but Your Add Family 
and Admin roles will even see the New Family page in the menu.</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;"><br style="box-sizing: border-box;"></i></p><div class="message_gutter" style="box-sizing: border-box; text-align: right; position: absolute; top: 0px; left: 0px; width: 4.5rem; padding-right: 0.625rem;"><a href="https://rockrms.slack.com/archives/general/p1466782419000334" target="new_1466700303862" class="timestamp ts_tip ts_tip_top ts_tip_float ts_tip_hidden ts_tip_multiline ts_tip_delay_300" style="box-sizing: border-box; color: rgb(158, 158, 166); text-decoration: none; display: inline-block; position: relative; z-index: 1; font-family: Slack-Lato, appleLogo, sans-serif !important; font-size: 0.75rem; line-height: 1.125rem; opacity: 0;"><span class="light_only" style="box-sizing: border-box; display: inline;">10:33</span><i class="copy_only" style="box-sizing: border-box; display: inline-block; vertical-align: baseline; width: 1px; height: 0px; font-size: 0px; color: transparent; float: left; text-rendering: auto; -webkit-user-select: none; background-size: 0px; background-repeat: no-repeat;">]</i></a><span class="Apple-converted-space">&nbsp;</span><span class="message_star_holder" style="box-sizing: border-box;"></span></div><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;"><br></span></p><p><span class="message_body" style="box-sizing: border-box; cursor: text; display: block;">Note
 that you could also use the existing Data Integrity Worker as the 
allowed role on the New Family page if the same people in that role are 
the ones that should be allowed to add people.</span></p><p><br></p>

Save Cancel

Question

0

Setting Security on the New Family page

0