User access rights allow you to see the user on tabs and in reports, edit the user properties, and grant access to system objects. For example, a service manager should have user access rights to configure the service structure.
On the Access tab of the user properties, you can specify the rights this user should have to other users. To do this, select the Users item in the filter and select the required access rights to every user from the list on the left. Read more about granting access rights here.
Access rights on the tab are divided into standard and special. All access rights from these two lists are described below.
Standard access rights
The list of standard access rights to users contains the following rights:
Access right | Description |
---|---|
View object and its basic properties | |
View detailed object properties | Doesn’t influence the access to the user. |
Manage access to this object | Allows seeing the user on the Access tab of the properties of other users, where you can configure access to this user. When transferring access rights, take the hierarchy rules into account. |
Delete object | Allows deleting the user from the system. See more information about the peculiarities of deleting users here. |
Rename object | Allows changing the user's name. |
View custom fields | Allows seeing custom fields (that is, not marked as administrative ones) in the user properties. |
Manage custom fields | Allows creating, editing, and deleting custom fields in the user properties. Cannot be granted without the View custom fields access right. |
View admin fields | Allows you to see administrative fields (that is, custom fields marked as administrative ones) on the Custom fields tab of the user properties. |
Manage admin fields | Allows you to create, edit, and delete administrative fields in the user properties. Cannot be granted without the View admin fields access right. |
Edit not mentioned properties | Allows you to edit settings on the Advanced tab and individual user settings (using the import tool), as well as send notices to the user from the management system. |
Change icon | Doesn’t influence the access to the user. |
Request reports and messages | Allows seeing the records of the user's login to the system and to other services on the Logs tab. It also allows executing reports on users: Log, Logins, and Custom fields. The Custom fields table additionally requires the View custom fields access right, and the Log table, the Manage object log access right. |
Edit ACL-propagated objects | Doesn’t influence the access to the user. |
Manage object log | Allows executing a report on the user with the Log table. This report additionally requires the Request reports and messages access right. |
View and download files | Doesn’t influence the access to the user. |
Upload and delete files | Doesn’t influence the access to the user. |
Special access rights
The table below lists special access rights to users.
Access right | Description |
---|---|
Manage user's access rights | The Access tab is available in the user properties, where you can grant the user access rights to system objects. The user is also shown in the properties of objects in the list of users to whom you can grant access rights. |
Act on behalf of this user | Allows logging in to the system on behalf of this user, creating objects on behalf of this user, and perform all other actions available to this user. It also allows changing the user's password on the General tab of the user properties. |
Change user’s general properties | Allows changing options on the General tab of the user properties. To change the user's password, you should additionally have the Act on behalf of this user access right. |