Versions Compared

Old Version 9

changes.mady.by.user David Sampoli

Saved on

compared with

New Version 10

changes.mady.by.user David Sampoli

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Box # 1: Shows the Permissions+ tab currently selected.
  2. Box # 2: Shows the first batch of functionality toggles. Most have names that sufficiently describe what the toggle does. Descriptions:
    1. Allow Monitoring the Email Queue: Checking this box will allow this profile to approve or delete emails from the queue. Since this is for monitoring the email queue without Admin Permissions, you'll needed to use the Table View to Monitor the Email Queue.
    2. Allow Monitoring the Job Queue: Checking this box will allow this profile users to take actions on the jobs queue. Again, since this is for monitoring the jobs queue without Admin Privileges, you'll need use the Table View to Monitor the Job Queue.
    3. Hide Universal Search: Checking this box removes the universal search feature from this profile.
    4. Allow batch/bulk update: Checking this box shows the individual bulk actions available for this profile.
      1. Please note checking this box does not give users the ability to perform bulk update actions until individual settings are checked
      2. To enable all bulk update actions, each individual bulk update setting must be checked
      3. Sub-options that become available upon clicking this checkbox:


        1. Allow bulk update attributes

          Checking this box will allow this profile to bulk update fields of the records

          Allow bulk update status

          Checking this box will allow this profile to bulk update the state of the records

          Allow sending bulk email alerts

          Checking this box will allow this profile to bulk send an email alert for the records

          Allow generating documents in bulk

          Checking this box will allow this profile to generate a letter template for the records

          Allow bridger status check in bulk

          Checking this box will allow this profile to run a bridger status check on the records

          Allow scheduling payments in bulk

          Checking this box will allow this profile to assign payments for the records

          Allow scheduling reports in bulk

          Checking this box will allow this profile to assign reports for the records


    5. Allow accessing the dedupe tool: Checking this box will allow this profile to utilize and take action on the dedupe tool (used to merge duplicative records).
    6. Allow editing payment contingencies: Checking this box will allow this profile to edit the payment contingencies on a granted record.
    7. Allow editing funding sources: Checking this box will allow this profile to edit existing Funding Source Records and create new Funding Source Records.
      1. Requires that the User Role assigned has access to that workflow state.
    8. Allow editing request funding sources on active grants: Checking this box will allow this profile to edit the Request Funding Source on a granted request record.
    9. Allow editing and deleting Ad-hoc and Excel Reports: Checking this box will allow this profile to edit or delete existing Ad-hoc Report and Excel records.
    10. Allow editing of select (dropdown) fields: Checking this box will allow this profile to edit select field values from the form.
    11. Allow Theme Switching: Allows the user to use the Component Theme-Switcher on Grant Request records. This allows the user to switch the Form type after the record has been created.
  3. Box # 3: Shows the second batch of functionality toggles. These toggles are all related to User credentials and security. Descriptions:
    1. Allow updating users' login: Checking this box will allow this profile to edit a user’s login.
      1. Login fields will be available on the user record.
      2. Login fields will appear in the LOI (Registration) Connect modal.
      3. This means if a user with this permission connects a user to the system via the Connect component, the New User Email (if enabled) will trigger.
    2. Allow updating users' password: Checking this box will allow this profile to edit a user’s password.
    3. Allow updating users' SSO UID: Checking this box will allow this profile to edit the sso_uid core field.
      1. If SSO is configured for your site, then the SSO UID is treated like a password. Enabling this option will allow the user to access other users SSO UID fields on the user record.
    4. Allow impersonating grantees: Checking this box will allow this profile to impersonate any profile with the “Grantee” category.
  4. Box # 4: Shows the Delete button where you can delete the Profile you currently have selected. This is highly dangerous! Please only delete profiles that were created in error and are not attached to any user accounts; deleting any User Profiles that are in use will result in users immediately losing the Portal Access and permissions that they need to complete their work.
  5. Box # 5: Shows where you can Save your changes to this profile. If you've made any changes, you must hit the save button in order for your changes to be effectuated. Otherwise, your changes will be discarded.

...

  1. Box # 1: Shows the Roles tab currently selected.
  2. Box # 2: Shows the Role that's currently selected. You can tell which Role is currently selected from the slim green line that appears to the LEFT of the Profile name and by matching the Role name with the name shown in Box # 4.
  3. Box # 3: Shows the Roleable Type dropdown selection box. There are four possible options to selected here:
    2. This field determines which Program (or sublevel below program) is available for selection at the Programs level when selecting a user's User Role. The WPP always leaves this field set at the Program-level (and then we always enter 'All Programs' at the specific program selection menu).
  4. Box # 4: Shows the configurable name of the Role type. This can be changed at any time without breaking anything in the system. However, please avoid doing so, as we've trained employees on the current names of the Roles we've configured.
  5. Box # 5: Shows the Delete button where you can delete the Role you currently have selected. This is highly dangerous! Please only delete roles that were created in error and are not attached to any user accounts; deleting any Roles that are in use will result in users immediately losing the permissions that they need to complete their work (i.e. being unable to submit an application).
  6. Box # 6: Shows the Save button where you can save any changes made to the Role. If you've made any changes, you must hit the save button in order for your changes to be effectuated. Otherwise, your changes will be discarded.
  7. Box # 7: Shows the New Role button where you can create a new Role if needed.

Security Tab

The Security Tab contains several different settings allowing you to control features like the minimum password length required, the ability to control whether users can use multiple Profiles, multi-factor authentication, etc.

Before you go on...

Fluxx has a great article that discusses the ins and outs of the Security Tab. See the article here: https://fluxxdev.atlassian.net/servicedesk/customer/portal/1/article/1422295246?src=-168973113

The Security Tab

The main settings used from with the Security Tab are found within the Security Settings item, as shown from the screenshot below. Please see the screenshot for highlighted items from this screen and beneath the screenshot for descriptions of said items.

Image Added

  1. Box # 1: Shows the Security Tab as currently selected.
  2. Box # 2: Shows the Settings Menu that's currently selected. You can tell which Settings Menu is currently selected from the slim green line that appears to the LEFT of the Settings name.
  3. Box # 3: Shows several settings related to User Passwords within Fluxx.
    1. Minimum Password Length: This feature controls the minimum required password length. Options range from 3-15 Characters, which includes all letters, numbers, and symbols (e.g. ^,*,&, etc.).
    2. Don't allow passwords to contain/match the login: Unchecking this box allows a password to match the user's sign in user name (i.e. Login name; at WPP this is the user's email address 99% of the time). If this box IS checked, then the password CANNOT contain the user's login within the password.
    3. Don't allow passwords to contain more than this number of repeated characters in a row: This feature controls the number of characters that can be repeated in a row within the password. Options range from 2-10 Repeated Characters ALLOWED within the password; any number of repeated characters that exceeds the number listed here will result in the password being declared invalid.
  4. Box # 4: Shows several options relating to user's failing to enter their password correctly and a setting for the maximum duration that a password can be used for. 
    1. Number of failed login attempts before account lockout: This feature controls the number of times a user can incorrectly enter their password before their account is temporarily locked. Options range from 2-20 times.
    2. Account lockout ban duration: This feature controls the amount of time a user is temporarily locked out of their account for after entering their password incorrectly the required number of times. Options range from 0 minutes - 24 hours.
    3. Ensure the same password was not used within at least this number of changes: This feature controls how many password changes until a previous password can be used again. Options range from 2-10 Password Changes before an old password can be re-used.
    4. Maximum Password Age Policy: The number of days a password can be utilized before it expires. Options range from 30 - 120 days (or blank, i.e. no maximum number of days). When a password expires, the user will be required to set a new password.
  5. Box # 5: Shows three checkboxes that can require certain characters to be used within the password that a user sets. If any of these checkboxes are checked and a user fails to include the character(s) specified in the checked checkbox, then the password will result as an invalid password when they attempt to set it.
    1. Uppercase letter (A through Z): As the name implies, this requires that the password contain at least 1 uppercase letter.
    2. Lowercase letter (a through z): As the name implies, this requires that the password contain at least 1 lowercase letter.
    3. Number (0 through 9): As the name implies, this requires that the password contain at least 1 number value (0 - 9).
  6. Box # 6: Shows the Cancel button. Clicking on this button will Discard any unsaved changes made to the current settings menu.
  7. Box # 7: Shows the