Custom Attribute Permissions

How to modify the individual permissions of each custom attribute per role.

A feature offered by the user manager is the ability to modify and create personalized roles which includes giving users individual permissions to Add, Modify, and View a field or attribute. To learn more about role permissions find the details here.

This feature is especially useful when you have attributes that contain sensitive information that only some users should see. For example, if you create a custom attribute that stores information about the locations but you only want managers to have edit access, you can remove Edit and Add permissions for this attribute for location users.

Modify Attribute Permissions

When a new attribute is created, a corresponding permission entity is created for that attribute. See this article on how to add custom attributes.

Go to Users>Roles and select an existing role or add a new one.

In the Permissions tab there is a list of all the fields and functionality that can be controlled through permissions. Under the regular fields permissions all custom attributes will be listed.

There are three permission options per field or attribute:

Add: Enable/Disable to give users the ability to add a value into the custom attribute when adding a location.
Modify: Enable/Disable to give users the ability to edit the value in the custom attribute field when editing a location.
View: Enable/Disable to give the users only the ability to view the value of the attribute when viewing or editing the location.

In the example above we removed the permission to Edit and Add for the “Accredited” attribute.

This means the user will only be able to see the value of the attribute while still being able to edit and add information in other fields.

Complex Attributes Permissions

The permissions of complex attributes work a little differently than regular attributes because you can add multiple instances of a single complex attribute to a location. (To learn more about complex attributes see this article.) Add, modify, and view access are controlled by permissions in relation to complex attributes instances. Since a record of a complex attribute includes all sub attributes, there are no individual permissions for sub attributes.

So, the permissions options for complex attributes work as follow:

Add: Enable/Disable to allow the user to add a new record of the complex attribute.
Modify: Enable/Disable to allow the user to modify and delete an existing record of a complex attribute.
View: Enable/Disable to allow the user to view an existing record of a complex attribute.

In the example above, we removed the option to Add from the “Teachers (Complex Attribute)”. This user will be able to view, edit, and delete the “Teacher Name” and “Courses” sub attributes under the existing record but won’t be able to add new ones.

NOTE:  You must add permissions to View if you want to add permissions to Add or to Modify.

            To completely hide the complex attribute tab, you must remove all permission options.