Setting up access permissions for portal users
Although you can grant permissions to specific portal users, the most efficient way would be to assign permissions to portal user roles.
-
Assign common permissions to the “All portal users” role.
-
Add subordinate organizational roles to the “All portal users” role to differentiate permissions between different groups of portal users.
-
Link roles to customer accounts – to manage employees of your customers.
Grant permissions to the portal section data by assigning object permissions. See the “Object permissions” article for more information. You can manage portal user access on three levels:
-
Object operation permissions – ability to view, add, edit and delete data in an object.
-
Record permissions – ability to view, edit, and delete specific records in objects.
-
Column permissions – ability to view, edit and delete data in specific columns.
Attention
Before you start setting up access permissions for portal users, make sure that the corresponding objects are listed in the “List of objects available for portal users” lookup. If they are not – none of the object data will be available for the portal users.
Set up object operation permissions on the portal
You can manage general access permissions to a section, detail or lookup on the portal by setting up object operation permissions for the portal user roles. Setting up permissions for portal users is similar to that of regular users. Read more in the “Managing column permissions” article.
For example, you can set different permissions for working with the [Knowledge base article] section for portal users from Boston and Toronto (Fig. 1).
Fig. 1 Managing object operation permissions on the portal
As a result, portal users of the “Boston” role will be able to create new articles in the [Knowledge base] section, view and edit existing articles, but will not be able to delete them. Portal users with the “Toronto” role will only be able to view the knowledge base articles, without permission to modify or delete them.
Set up record permissions on the portal
You can manage portal use access to specific records in the portal sections, details, and lookups. If you enable record permissions in an object, all object records will become unavailable for portal users, unless specific permissions exist for each specific record.
Creatio can automatically grant permissions to each record in an object, based on the record author. Setting up permissions for portal users is similar to that of regular users. Read more in the “Managing column permissions” article.
For example, you assign permissions to knowledgebase articles created by portal users in Boston (Fig. 2).
Fig. 2 Managing record permissions on the portal
As a result, the users in Toronto will be able to see the knowledge base articles created by portal users from Boston.
Attention
Before you set up record permissions in an object, make sure that portal users have access to corresponding object operations.
Set up column permissions on the portal
You can manage portal user access to specific columns in sections, details, and lookups by setting up column permissions for the needed portal user or role. Setting up permissions for portal users is similar to that of regular users. Read more in the “Managing column permissions” article.
For example, you can hide the [Modified on] column to deny portal users and roles permission to view the date when knowledgebase articles were last updated (Fig. 3).
Fig. 3 Managing column permissions on the portal
As a result, the users of “Toronto” will not be able to see the “Modified on” column on the knowledgebase article pages.
Attention
Before you set up column permissions in an object, make sure that portal users have access to corresponding object operations and records.
See also
