Access restriction
As well as determining the areas of the system a user can access, the combination of Role and Group are also used to control visibility of cases and case details and the operations that can be performed on a case.
Access to cases
Below are some examples of which cases users have access to based on their Role and Group membership.
All cases access
As an Administrator I can see all cases of all types as my role has the View all cases permission.
Group-Service access
As a user belonging to the Complaints group with the Staff role, I can see
all complaint cases regardless of whether or not the complaint is assigned to me
or my group because the Complaints group has access to the Complaints service.
Group assignment access
As a user belonging to the Parking group with the Staff role I can only see
a complaint case if it is assigned to me individually or to the Parking group
because the Parking group does not have access to see Complaints but the
Staff role allows me to see cases assigned to me or my group.
Direct assignment access
As a Citizen user, I can only see cases that I have created or that have been
created on my behalf through my Person record where the Case Type has the
Cases visible to associated people option enabled because the Citizen
role can only view cases where they are directly assigned.
Other areas that are permission controlled
Fields
When creating a case field administrators must specify which roles can view the field.
Transitions
When creating a transition administrators must specify which roles can see and trigger the transition.
Case dates
When creating a case date administrators must specify which roles can see the case date.
Case notes
Case notes are visible to Staff and Third Party users only (when using standard role configuration).