***Security Role access is subject to change***.
NOTE: It is the Organization’s responsibility to maintain their account Users and Security Roles.
NOTE: When your Applicant Portal is converted so you have Recipient Portal access as well, all security roles for Users can be found in the Recipient Portal; there are more security roles options. Please review that the Users in your Organization have the appropriate Security Role.
Change a User’s Security Role
Step 1: Administration (left navigation) > System Security > Users
Step 2: Click the edit pencil icon on the User you want to change.
Step 3: In the Security section, if necessary, select the Object Type, appropriate Sub-Type, and Advanced Restrictions for the user desired role.
NOTE: If you only want the User to only see assigned Grants, you DO NOT have to select any Object Types. See 'Security Role Examples' below.
Step 4: Click the green Update button.
Explicit Security Roles
Explicit security roles are attached to the user role.
NOTE: Being assigned to the award is a implicit security role, if you have View Only access, you will still be able to edit the awards you are the Recipient Manager/Recipient Additional User.
Object Types (Explicit Security Roles)
| Account (all records) |
If selected, will auto-select all Object Types (Is different than selecting individually). Viewing rights to ALL awards and ALL applications: Admin - Has full functionality of awards, has full functionality of 'Administration' module; can create/edit/delete users and update Organization Information. Can create/edit/delete/submit applications. Editor - Has full functionality of awards, has partial functionality of 'Administration' module; can edit users and update Organization Information but cannot create/delete users. Can edit applications, but not create/submit. User - Can create expenses/achievements/custom forms/documents to all awards, but not edit award details page. Views the 'Administration' module, but has no functionality of it. Can edit applications, but not create/submit. View Only - Cannot edit any awards. Does view the 'Administration' module, but has no functionality of it. Can only view applications. |
| Applications (Applicant Portal) |
Select to give viewing rights to ALL applications: Admin - Can create/edit/delete/submit applications. Cannot edit anything (but can view) the 'Administration' module of the Recipient Portal. Editor - Can edit applications, but not create/delete/submit applications. User - Same as Editor role. View Only - Cannot create/edit/delete applications. |
|
Departments |
Not Applicable - Recipient do not have functionality of Departments, will function the same as the Grants Object Type. |
|
Grants |
User will see ALL awards in the Portal Admin - Has full functionality of awards, has partial functionality of 'Administration' module; can view but cannot create/edit/delete users and cannot update Organization Information. Editor - Has full functionality of Awards, but does not view the 'Administration' module. User - Can create expenses/achievements/custom forms/documents to all awards, but not edit award details page. Does not view the 'Administration' module. View Only - Cannot edit any awards. Does not view the 'Administration' module. |
|
No Object Type Selected |
User will see only awards they have Implicit Security Roles to (Assigned as Recipient Manager, Recipient Additional User, Responsible Individual). |
Advanced Restrictions (Over-rides Explicit and Implicit Security Roles)
| Approvals | Not Applicable - Recipients do not have this functionality. |
| Budget | Removes the Financial dropdown (Budget and Expenses functionality), in the Post-Award tab for all awards. |
| Payment Authorizations | Not Applicable - Recipients do not have this functionality. |
| Post-Award | Removes the Post-Award tab on all Awards. |
| Salary |
User cannot view 'Personnel' Line Item types on the Budget or the Expense grid. Payment Requests and Budget Reporting Periods will pull these expenses in for the user where they can see the amount but not the attached documentation, but would be able to view the documents from the Documents folder. |
Implicit Security Roles
Implicit security roles are additional security permissions that are given to a user for a specific record, although the Advanced Restrictions selected for the User will over-ride the implicit security roles (i.e. a Recipient Manager with a 'Salary' Advanced Restriction will not be able to see Personnel expenses or line items even if they are the Recipient Manager for that award).
Recipient Managers / Recipient Additional Users
Recipient Managers and Recipient Additional Users have full access to edit grant details, and create, edit, and delete all items related to their grant. These users may also assign responsibility for goals and line items to other users.
Assign Recipient Manager to an Award and Recipient Additional Users
Responsible Individuals
User Sub-Type security roles can create expenses and create performance plan achievements on awards that they are assigned as the Responsible Individual role. Their Explicit Security Role will determine if other parts of the award can or cannot be viewed.
They are not able to create or submit Reporting Periods or Payment Requests.
Security Role Examples
"I want the User to see/edit ONLY the awards that they are the Recipient Manager, Recipient Additional User, or Responsible Individual (assigned to), and not see any applications."
NOTE: None of the Object Types are selected.
"I need the User to just submit applications and not view my awards, unless they are assigned to them specifically."
NOTE: The 'Admin' has to be selected or else the User won't be able to submit the application.
"The User needs to be able to create applications and view/edit all awards, but I don't want them to be able to create additional users or edit current users."
More Information
If you have questions on on security roles, please contact AmpliFund Customer Support.