There are three distinct security levels that control the data access rights to the information and documents controlled by TIMS3:
The user login controls access to the Windows Operating System and
determines the primary group that the user belongs to. This group may
be associated with a department in the organization or a staff level
in the organization hierarchy.
The identification of the user type to the TIMS3 application, i.e. the user privilege level. When the TIMS3 application product is first started, the user is identified as belonging to one of the following types of users:
A TIMS3 Manager - This is a privileged user that has all access
rights to all data on the system.
A User/Operator - This is a general user whose
access rights are determined by the Data Access Rights defined in the
associated Maintenance form.
A Reviewer - This is a user who has only read
access to data on the system, unless otherwise defined in the read
access rights on the system, where it may be defined that he has no
rights (i.e. not even for viewing) to data.
None - The user that has no access to TIMS3
TIMS3 Data Access Rights control what functions users can perform on the system, and whether viewers are able to read data on the system.
After you click on the Maintenance button in the main switchboard, you should click on the Data Access Rights button to view the form that determines the user’s access rights.
You can control individual access rights to projects, companies, contacts, documents, and document sets. For each of these data types, you define which of the users can perform review, edit, add or delete operations on the data. You can specify whether all users (All), no users (None), the owner (Owner), or the group (Group) have rights to perform that operation on that data type.
For the Review, Edit and Delete operations, the implication of each setting is:
|
None |
No user is allowed to view, edit, or delete the data |
|
All |
All users are allowed to view, edit, or delete the data |
|
Owner |
Only the user that created the data is allowed to view, edit, or delete the data. |
|
Group |
Only users belonging to the same group as the user that originally created the data is allowed to view, edit, or delete the data. |
For revision information, the Review, Edit, Delete, and Insert settings are based on the owner of the document record that the revision belongs to. The Review setting will also override the Insert permission for revision information.
Users that have the TIMS3 software installed as review workstations will be controlled by the Review settings alone. For example, if the Review setting for Companies is set to None, then this user will not be able to view company and contact information.
For the Add operation, the implication of each setting is dependent on the parent data type.
For projects, if the Insert rights is set to All, Group, or Owner, any user can create projects. If it is set to None, then only TIMS3 Managers can create projects.
For documents and document sets, the following settings apply for the Insert access rights:
|
None |
Only TIMS3 Managers are allowed to create documents and document sets |
|
Owner |
Only the user that created the project is allowed to create documents and document sets in that project |
|
Group |
Only users belonging to the same group as the owner of the project can create documents and document sets in that current project |
|
All |
All users are allowed to create documents and document sets |
For Companies, if the Insert rights is set to All, Group, or Owner, any user can create Companies. If it is set to None, then only TIMS3 Managers can create Companies.
For contacts, the following settings apply for the Insert access rights:
|
None |
Only TIMS3 Managers are allowed to create contacts |
|
Owner |
Only the user that created the associated Company is allowed to create contacts for that company |
|
Group |
Only users belonging to the same group as the owner of the Company can create contacts for that company |
|
All |
All users are allowed to create contacts |
In this section of the TIMS3 security set-up, you can define the privilege levels for the TIMS3 users. As described in the previous section, they may be either:
Reviewers, where these users can only view the contents of the TIMS3 database
Operators/users, who are the regular TIMS3 users
able to modify the file and data in the TIMS3 database, subject to
their data access rights as described above
System Managers who have full maintenance and administration rights over the TIMS3 database.
As shown in the figure below, the database also records the user’s default (last accessed) project and document, as well as a cached copy of the user’s groups as defined in the user profile of the Windows domain controller.
