DevResults uses a role-based access control style of permissions. In plain English:
- You never assign permissions directly to an individual user
- You assign permissions to a group
- To give a user permissions, you assign a user to that group
This makes it very easy to see, at a glance, what permissions a user has. It also makes it very easy to update permissions for users quickly. As soon as you add or remove permissions from the group, all users in that group automatically have their permissions updated.
Every site comes pre-built with several permissions groups. You can edit the permissions for these groups or create additional groups:
- Owners: Can configure the system's global settings and lists. Can manage user accounts and logins, reset passwords, and assign permissions.
- Managers: Can mark checklist items as approved. Can sign off on results data submitted by partners.
- Partner Managers: Can manage users for their organization and also edit information for their organization's activities
- Partners: Users from other organizations with limited access to activities they implement.
- Users: Can log into the system to manage activities.
- Viewers: Can log into the system, browse activities, and view reports. Cannot change anything.
- No Access: Cannot log into the system. (Generally used when users have left your organization.)
Permissions are assigned on about 20 categories, which cover most key concepts in DevResults (Indicator Results, Indicator Definitions, People, Organizations, Financial, Geographies, etc.). For each category, you can assign one of three levels of access:
- No Access
- View & Edit
The one exception to this is partners and partner managers, who automatically only see activities and indicators relating to their organizations. See Partner Permissions for more information.
Editing User Permissions
For instructions on how to add a user to a group, see Change a User's Permissions.