Clarity’s Modern User Experience (MUX) has evolved to provide increased control when it comes to the way users view and use information recorded against investments. The introduction of Field-Level Security (FLS) in version 15.8 allows system administrators to define explicit controls at the attribute level. One of the most common uses of this feature is to control stage gate reviews for projects.
These fields can be set up so that:
- The specified field is not visible to select users; or
- The field is visible, but is read only for permitted users; or
- The attribute is visible and able to be edited by required users.
There are many applications for this level of control and the outputs provide numerous benefits to the entire organization. For one, it allows you to provide access to specific attributes not only on the investment records themselves, but it also controls the display of these fields in both board and grid views.
This is useful when dealing with sensitive information and provides an easy mechanism to ensure only permitted resources can view this data.
The system also ensures that system administrators can always view these attributes when configuring Blueprints – so you’ll never have to worry about losing visibility of these fields.
Many organizations will have a project framework, or methodology by which they govern their projects. By using field-level security, the PMO governance team can control who can access the Stage field, and only update the stage of a project once all governance requirements have been met.
In this example, we’re going to work with the Stage field on the project and we’re going to set different types of security based on user groups to control stage gate reviews.
But before we review the attributes, let’s get a sense of our demo users and the groups they belong to.
Any updates to user groups must be completed in the Classic User Experience. Simply navigate to Administration > Groups.
PMO Services
This is the group who, once we configure our field-level security, will be able to both view and edit the Stage attribute.
Our test resource is Rachel Armstrong.
PMO Project Manager
We also have our project manager, who is in the PMO Project Manager group, Paul Martin. By the end of this session, Paul will be able to view the Stage field, but not update.
PMO Team Member
Our final group is the PMO Team Member group, with our test resource Tom Morris, who will not even be able to ‘view’ the Stage field on a project record, once we have completed our FLS update.
Prior to Field Level Security Updates
The following is a snapshot of what each of our test users is currently able to see (and do) before we apply our field-level security.
As you can see, our most basic system user, our PMO Team Member resource, is able to view and edit the Stage field on our test project record.
When we switch our logged in user to our resource from the PMO Project Manager group, Paul Martin, we see again that this user can view and edit the Stage field.
And when we log in as Rachel, from our PMO Services team, we can also see that she has access to edit the Stage field.
Field-Level Security Updates
Field Level Security can be updated from the Modern User Experience by navigating to Administration > Attributes.
We have applied the following filters to show us attributes which belong to the Project object and where the name of the field contains the text ‘Stage’.
In order to apply security to the field to control stage gates, simply check the box in the Secure column.
If you make no other updates at this point, then the field will not be visible or editable for any users. This is because we have not yet added any groups to the following columns.
Access View: Once a group has been added here, this group will now be able to view the attribute but they will not be able to edit.
Access Edit: When a group has been added to this field, they will be able to both view and edit the specified attribute.
It really is as simple as that. Because we have not added the PMO Team Member group to either the Access View or Access Edit columns, they no longer have access to this attribute.
Let’s see what it looks like now for the end user.
PMO Team Member
When Tom Morris logs in, the Stage field is not visible.
PMO Project Manager
As part of our FLS update, the PMO Project Manager group has been given view access. Now when Paul Martin logs in, he can see the Stage attribute, however he is no longer able to edit this field.
You will also notice small shield symbol appears, which indicates the attribute has been secured.
PMO Services
Our final group, PMO Services, will continue to have full access to the Stage field and will be able to view and edit data for this attribute.
That’s it. Your field level security updates are now complete.
If you are interested in learning more about FLS, Rego can guide you.
Our experienced, real-world practitioners have helped organizations of all sizes and industries maintain and control access rights and security at all levels within Clarity. To learn more, contact us or reach out to your Rego Account Manager.