Levels is the most important setting in the site as a staff member’s level will dictate what they can see and do within StaffSavvy. Levels are also placed in a hierarchy which means that staff can never increase their access or give high access than they are to others.
Each level is assigned permissions and the permissions dictate what a staff member can do. All staff are shown the level of colleagues so they can see their authority within your organisation.
While the hierarchy of levels is linear and they must always be in a fixed order, the actual permissions assigned to each level can be vastly different.
Levels do not inherit permissions from the level below them and can have a completely different set of access permissions. For example, a venue manager might have a significant number of permissions to manage their staff. Payroll staff might have far less access as they only need to process payroll but there will be hierarchically higher than a venue manager as they can see wages for all staff.
Setting Access Permissions
StaffSavvy comes loaded with several default levels. These can be renamed and customised. Additional levels can be added and these default levels can also be removed.
Permissions can be assigned two different ways; either via the levels page where you can choose which permissions the level has.
The other method is to use the Control Permissions page where you can set which levels have access to a particular permission. Both methods do the same thing and can be interchanged.
The Control Permissions page also has additional access levels that can be used:
As you would expect, this option allows all staff to access this permission.
Staff have this permission for their own account
This allows staff to perform this action on their own account. Note that the staff member might have permission via the access level already.
Direct Line Managers Only
This allows line managers to have this permission on the staff they manage. It is only the direct line managers and anyone further up the line manager chain does not have this permission on this person.
All Line Managers
This allows line managers and everyone above them to have this permission on the staff they manage (directly on indirectly).
Venue Managers (for items within the venue they manage)
This allows staff who are venue managers to conduct the actions if the item is within their venue. E.g. permission to approve time entries within the venue they manage.
Testing the access levels of your staff is just as important as setting them up in the first place. StaffSavvy’s permissions system is immensely powerful and flexible but this means you will need to double check the settings you have used.
System managers can use the “God mode” to take control of a user's account. This will display the site as the selected user and their access level. This is perfect for checking permissions and ensuring they only have access to the information and functions you want them to have.
You can also view the site as that user but with your access level. There is another Magic Wand icon next to the user’s image which allows system managers to view the user's account as them but also with either access level.
Once enabled, you can use their account but with your access permissions (excluding line manager access permissions as this account might not be a line manager).
Specific Permissions for staff members
Staff Members can be granted access to certain items but excluded from their own items. This can allow all venue managers to approve the time entries that take place at a venue they manage except they would not be able to approve or edit their own time entries.
This option can be applied to any permission which can be granted to either line managers or venue managers.
To access this navigate to System > Configuration > Manage Permissions.
This will take you to a page that is full of different permissions that you can set access levels to. Some permission levels have hierarchical systems that mean that these are identified by a hierarchical icon as seen in the image below. For these permissions you can grant or limit access depending on hierarchical position, with the caveat that the staff member can not approve themselves, however, can be approved by a colleague of the same status in the company.
This can be turned either on or off by clicking the permission and either allowing or blocking the staff member from approving their own items.
Permissions: Access to Lower Access Levels Only
With this option, you can grant access for an access level but they only have access to complete that task on access levels lower than theirs. This might be used to allow HR teams access to edit staff details but not each other as they will share an access level.
Permissions: Block Access
With this option, you can override access and block the user from having that permission. This might be used to allow access to all staff but to block certain access levels or to give line manager access but then block a certain level of line manager from that particular permission.
Note: It’s always safer to grant access than to take it away so we recommend only using the block option when absolutely needed. Always test and check your permissions once you make a change.
Please sign in to leave a comment.