We need the ability to customize user permissions on a task by task or page by page basis. If our front gates needs to see Group Sales to edit payments, refund and check in groups, they should not have the rest of group sales ability to mess with payment types, resources etc. We should be able to break out user permissions by each function specifically.
Another example is import constituents is under admin tab, well all of our group sales and development now have full administrative privileges just because they need to add constituents, it doesn't make sense. Or smart fields also under admin. We now have most of our users with almost every permission because they need one or two things in each category and we can't limit what they have access to. This really needs to be changed.
We were shown in training that this is possible, then during implementation were told this was taken away as a feature. Can we have it back again.
Miriam Piper
Not all museums have roles that fit the model Altru has created. We need to be able to define our own roles to address security compliance. Right now we are forced to assign what often amounts to too many permissions to our staff. Best practices in system administration includes giving the minimum amount of permissions to staff while maintaining their ability to do their job. The lack of granularity also hand-ties us when trying to meet PCI DSS compliance or pass an internal university audit. This should be a high priority for Blackbaud.
Attachments Open full size
We have similar gate issues. It would be great if the "calendar view" had the ability to open the programs and events as view only without providing access to edit. Our gatehouse employees need to see what's going on, but they shouldn't be able to edit anything. Security Roles are really confusing right now and trying to figure out how to give the right access without too much access is really tricky.
Attachments Open full size
Yes, hate the "all or none" approach to security roles in Altru. Was really nice to customize roles in our old ticketing system based on tasks.
Attachments Open full size
Agreed! To this I would add custom groups or meta roles that are groups of roles that can be assigned. Raiser's Edge really has a good model for this.
Attachments Open full size