To enhance the security of your most sensitive Processes, Activ allows you to make any Process within the module private. This adds an additional level of security to the Process that overrides normal module permissions, limiting access to the Process to the users that you specify. This means that users with permissions to the Processes module will only be able to view and modify a Private Process if they have the appropriate Access Rights (see below).
By default, Activ users have no Access Rights to Private Processes. If a user has not been given access to a Private Process they will not see the Process or its contents even if they have ‘Admin’ permissions to the module. In addition, if the Process is linked to within another Process or a Task (etc), the links will only be visible to users who have ‘Can View’ access to the Private Process. These links will be hidden from all other users. As such, it is important to review the Access Rights tab and assign the appropriate Access Rights to all users at the time that the Process is made Private.
It is important to note that only users with ‘Admin’ system permissions for the module can make a Process Private (see System Permissions for more information).
*****
To make a Process Private, open the Process on its Properties tab and click on the Edit button.
Change the Private?* flag’s dropdown menu to ‘Yes’ and then click Save.
A new Access Rights tab will become available. This tab contains a list of your system users and their current Access Rights to the Process. There are three levels of Access Rights available:
- Can View? – The user will be able to view the Process.
- Can Edit? – The user will have full ‘Edit’ rights to the Process.
- Can Delete? – The user will have full ‘Admin’ rights to the Process.
By default, all other users are assigned no access rights to the Private Process, meaning that they cannot view or edit the Process. To make changes to a users’ Access Rights open the Access Rights tab and click on Edit.
The list of users will open for editing. Use the tick boxes in each column to assign Access Rights to the appropriate users, and then click Save.
Note that Can Edit? and Can Delete? will only become selectable once a user has been given Can View? rights to the Process.
A log is maintained of all changes to Access rights, and this can be viewed on the Change Log sub-page of the Access Rights tab (see View the History of Changes to a Private Process’s Access Rights – Change Log).
It is important to remember that the Access Rights given to a user for a Private Process will take precedence over the system permissions that the user has for the Processes module as a whole. For example, if a user has ‘Read Only’ system permission for the Processes module but ‘Can Delete’ Access Rights to a Private Process, they will be able to delete the Private Process. Conversely, if a user with ‘Admin’ system permission for Processes only has ‘Can View’ Access Rights to a Private Process, they will be able to view the Process but will not be able to make any changes. Access Rights to individual Private Processes override system permissions.