OrgChart Now Help Guide

Table of Contents

Row-Level Security Example

Audience

Audience: Administrators Edition: Enterprise & Premium

Overview

Row-Level Security Profiles limit which field values a user can access on a row by row basis. For example, you can restrict a manager so that they can only access employee performance data for their direct and indirect subordinates.

Configure Row-Level Security Profiles

1.) Download the Sample Data.

2.) Using the Sample Data, Create a Master Chart called RLS Example. Reference the article called "Create a Master Chart" for step-by-step instructions.

3.) Select More > Account Settings, and then select the Security option.

4.)   Click on the Create New Profile button. An Untitled profile will be created.

create_new_profile_button_10_5.png

5.) Click the Gear icon, and then select the Rename Profile option.

**Insert screenshot of gear and options together

Gear_icon.png
Profile_Options.png

6.) Name the profile "RLS", and then select OK.

7.)  Click on the Gear icon, and then select the Edit Configuration option. The Security Configuration panel is displayed.

screenshot

8.)   Click on the Allowed Fields row (under the Security Rules heading).

9.) Click the + button (associated with the Fields heading) to add the following fields:

  • Name

  • Title

  • Department

  • Location

Note

NOTE: Allowed Fields authorizes which fields a user can access. Any field not explicitly added to the allowed fields list, will not be available to an end-user (assigned to a specific Row-Level Security profile). Restricted Fields should not be used unless directed by an OrgChart Professional Services Consultant.

10.) Click the + button (associated with the Security Rules heading). and then select the Conditional Rule option. This allows you to create a security rule that controls access to a specific set of fields.

11.) Click the + button (associated with the Definitions heading).

12.) Select Equal from the Rule Type dropdown menu.

13.) Select the Add New Condition button to define the rule criteria.

14.) Select Department and Human Resources as shown in the screenshot below. This condition authorizes access to specified fields, only if the department associated with the current user is "Human Resources."

Conditional_Definition_Editor.png

15.) Click Save (in the Edit Condition dialogue).

16.)   Select the + button (associated with the Fields heading), and then select Rating .

screenshot?

17.) Select Save.

Assigning a Row-Level Security Profile to an Access Group

1.) Select More > Account Settings, and then select the Access Groups option.

2.) Select the Create New Group button to create a new Access Group. The Access Group Configuration will be displayed.

3.) Name the Access group "RLS."

4.) Configure the Access Group settings to match the example below:

access_group_config_RLS_plus_settings_.png

5.) Select Basic from the Allowed Views dropdown menu, and then select Save.

6.) From the Settings dropdown menu, select the Manage Users option.

7.) Select the Add New User button.

Add_new_user.png

8.) Enter the User ID, Name, and Email Address, as it is shown below. Then, select Ready Only from the Role dropdown menu and RLS from Group dropdown menu.

David_Jackson_new_user.png

9.) Click on the Create button to add the new user.

10.) Click Exit.

11.) Click Select More > Chart Settings and then select the Mapping option.

12.) Select Rating from the dropdown menu associated with Title. This will allow the chart to map the Rating data in a field visible with the current box style layout.

13.) Select Save.

14.) Select Exit.

15.) Select More > Sign Out.

16.) Select the “Support Login” option above the login menu on the OrgChart Now welcome page.

17.) Enter your email and password in the first two boxes. Then, enter David Jackson's email in the third box. This will allow you to sign in as David Jackson.

david_jackson_sign_in.png

18.) While logged in as David Jackson, note that you can see the Rating of other employees because David Jackson is a member of the Human Resources department.