If you are a long-time Evanced customer, you may have noticed a change to where our product's permissions are accessed and that there has been an increase to the security options available to you when creating or editing a staff's user account. This article is meant to address those changes which were released as a part of our permissions update on 12/10/2015 and how those changes may affect you and your staff.
Note: This security update does not affect our classic products such as Events, Room Reserve, and Summer Reader.
To view a detailed breakdown that defines each individual permission please see our Managing Security in New Core Applications article.
To review default roles/permissions, please see Default Security Roles.
How does this affect my current users and roles? Are they going to be deleted?
- No, your current users and roles will remain intact and function as they did previously. The only exception to this is with D!BS (please see the Why can't my staff access D!BS anymore? question in the D!BS section below). When logging in and looking at your past user accounts, you will notice that some of the permissions may have been renamed or are giving you more granular options to edit your staff roles even further.
What are global permissions?
- Global permissions are a subset of security features that affect the entire suite of products. For example, edits performed on a space in the "Location Setup" area of the site would affect how that room functions in SignUp, Spaces, and D!BS, and isn't limited to just one product.
How do I use the Global Permissions?
- Not all of your staff logins will need Global permissions. When first creating a new user, we recommend giving the Global permission first (if applicable) and add any product specific permissions that this user may need. This will help you think about how the Global Permission will interact with the product specific permissions.
Can we change the order of products so our product will be on top?
- You can collapse the product and global permission list by clicking on the green circle with the white minus sign, but Global Permissions will always be on the top as it applies to the full suite. The rest of the products will always be listed in alphabetical order, but you can collapse the products by clicking on the green circle/white plus icon.
What does this permission update mean for my users?
- You can now grant access to the BrainHQ features by adding a role and applying the "Access" permission.
Why can't my staff access D!BS anymore?
- If you have multiple Evanced products (e.g. D!BS, SignUp, Spaces, and Wandoo Reader) you may need to add D!BS permissions to the staff logins who need D!BS access. D!BS previously allowed any Evanced staff user login to access any part of the D!BS product. That is to say if you had multiple Evanced products along with your D!BS product and you were given a login that allowed access to SignUp or Spaces only, by default you were also given access to D!BS. With the new permission setup, no assumption was made that a SignUp staff user or other product user should also have access to your D!BS software, so you will need to edit each staff member's login which needs D!BS access in order to grant access.
What has changed with D!BS permissions?
- Prior to the permissions release on 12/10/15, D!BS did not have its own permissions set. If you had a staff login that gave you access to the dashboard page of any of your Evanced products (SignUp, Spaces, or Wandoo Reader), you also had access to the staff side of D!BS. Since this 12/10/15 permissions release, you can now offer granular permission to D!BS which lock out other products. (E.g. you can now limit staff to accessing only the D!BS product with their login and limit them from accessing any of your other Evanced products.)
Security used to be under the blue-wrench System Settings. Where did it go?
- All security has moved under the Settings section towards the bottom of the left navigation tree of products. SignUp permissions were previously located under the SignUp product link in the navigation tree but have since been moved to the same Security area as all of the other Evanced products for the sake of product continuity and ease of use.
What has changed with SignUp permissions?
- SignUp permissions have now been spread across the Global Permissions and the SignUp specific permissions. The reason for this is there is some overlap to what you can change in SignUp which may affect your other Evanced software. For example, a SignUp staff login may be allowed permissions to edit a location name, but by editing this location name it will change how this room is named in Spaces. Because of this, permissions which affect multiple products are located in the "Global Permissions" area.
How does this affect my current SignUp roles?
Your current SignUp roles will be broken up into two segments; one segment will be in Global Roles and the other segment in SignUp Roles. Any of your existing SignUp roles which contained permissions for the media uploader or the Find Patron workflow will have a global role created and assigned to the appropriate user(s). For example, the stock "Events Administrator" role will now be split into "Events Administrator-Global" and "Events Administrator."
What has changed with Spaces permissions?
- Spaces permissions now allow for much more granularity (similar to our SignUp product). This means you can even further refine what each of your individual staff members can and cannot have access to. (E.g. have a certain staff member's default view be a specific branch, etc.).
How does this affect my current Spaces roles?
Your current Spaces roles will be broken up into two segments; one segment will be in Global Roles and the other segment in Spaces Roles. Any of your existing Spaces roles which contained permissions for the Find Patron workflow will have a global role created and assigned to the appropriate user(s). For example, the stock "Spaces Admin" role will now be split into "Spaces Admin-Global" and "Spaces Admin."
What does this permission update mean for the Admin role and the ability to create new programs in Wandoo Reader?
- In Wandoo Reader's first release, the only permission level which was able to create a new program in Wandoo Reader was the "Super Admin" role (the single highest login which was given when your site was first given to you). With this new permission release, you now have the ability to give the Add/Edit Wandoo Program access to many different staff logins. For instance, your Children and Teens librarian could be given the ability to create a program in Wandoo Reader with their own login.
What has changed with Wandoo Reader permissions?
- Wandoo Reader permissions now allow for much more granularity (similar to our classic Summer Reader product). This means you can even further refine what each of your individual staff members can and cannot have access to. (E.g. prevent a certain staff member from logging on patrons' behalf, etc.).
How does this affect my current Wandoo Reader roles?
Your current Wandoo Reader roles will be broken up into two segments; one segment will be in Global Roles and the other segment in Wandoo Reader Roles. Any of your existing Wandoo Reader roles which contained permissions for the Find Patron workflow will have a global role created and assigned to the appropriate user(s). For example, the stock "Wandoo Reader Admin" role will now be split into "Wandoo Admin-Global" and "Wandoo Reader Admin."