This activity allows the definition of access through Role-Based Access Groups. The Role-Based Access Group enables Teams or individuals to be granted access to multiple Persons simultaneously. In these groups, a Member's Context can be set as either a Person or a Team. If the context is set to Team in the Member section, access will be granted exclusively to the Members of that specific Team.
Each Member within the group can be assigned distinct Access Roles, each with a specified Validity Period that defines the specific data they can access and actions they can perform for the individuals within the group.
This approach eliminates the need for assigning permissions on an individual basis. Moreover, it is particularly beneficial when certain persons cannot be accessed through the standard Team-based Supervisor-Member access.
It is possible to assign an Expiration Date to a Role-Based Access Groups. Once this expiration is reached, the group's status automatically changes to Inactive, and any access-related tasks dependent on the group will be disabled.
By default, a Member will only have visibility of transactions that were registered during the Validity Period of an Accessible Person. To view transactions from a different period, the following options are available:
Adding and managing Accessible Persons in the Role-Based Access Group can be done by either individually adding Persons to the Accessible Persons list or through bulk access configuration, enabling the efficient setup of permissions for multiple personnel to be added simultaneously as Accessible Persons.
The access validity for each Member is determined by the intersection of their own Validity Period and the Validity Period assigned to the Accessible Person. This ensures that access is granted only during overlapping periods of validity, aligning with both the Member's and the Accessible Person's access timelines.
The configured Bulk Setup Number will be displayed alongside the Accessible Person to identify the source of the Bulk Update Setup result within the Role-Based Access Group. If the Accessible Person is added manually, this field will remain blank. Accessible Persons and their associated Employees generated from the Bulk Update Setup are non-editable and non-removable. However, manually added records can be edited or removed later, subject to specified validations.
When the Exclude option for an Accessible Person is set to No, the individual is included in the Accessible Persons list of the Role-Based Access Group. However, if the Exclude option is set to Yes, exclusion takes precedence, and the individual will not be considered an Accessible Person for the group.
For an Accessible Person record, when All Employments is set to Yes, all Employees associated with that Person are included, and individual Employees will not be listed separately. However, if All Employments is set to No, not all Employees are included; only those specifically listed in the Employments section will be granted access.
As a result of this activity, access will be granted to Role-Based Access Group.