Who can set permissions for users in MinuteBox?
Administrators are able to set User Permissions in MinuteBox
Am I an Admin?
- Go to Settings - press g + 0 (zero)
- Alternately, In the top right corner of the screen, click the ellipses •••, select Settings from the options provided
- On the left panel click Users
- Locate the User in the list provided
- Find the column with the heading Admin
- If there is a check mark in that column for the user row then that user is an admin.
☝️ Admin rights are granted by Administrators only
Setting Permissions for Users
☝️ Note: By default, users cannot view any entities in the system; i.e., if a User is added to your account and Enabled they see a blank dashboard - no Entities are visible until granted permissions.
Admins are able to access all Users - their access cannot be restricted
IMPORTANT: See the warning at the end of this document regarding the Create user filter.
Step 1 - Create an Entity Filter for the Entities to Which Access will be Granted
- Go to the Dashboard
- Click the Filter button in the Toolbar
- Create a Filter based on the options available for the entities you want to add permissions to
For example, to add permissions to all your Ontario entities, create a filter where Jurisdiction = Ontario
- Click Save Filter... - type a descriptive name in the field provided. The newly created filter appears in the left-hand panel
Step 2 - Create a user filter for the users that you want to give permissions to
- Go to the User list - press g + 0. The User List displays
- Follow the steps above to create a Filter for the users to which you want to grant permissions.
For example, if all Law Clerks are to have access to the entity filter you created in the Step 1, create a filter where Role = Law Clerk
- Click Save Filter... type a descriptive name in the field provided
Step 3 - Apply permissions to the user filter
- Still in the User List - locate and hover over the filter you created in Step Two above
- Click •••
- Click Set Permissions from the options provided
- Follow the instructions in the Set Permissions modal
⚠️ WARNING: A user who creates an entity will always have view and edit permissions for that entity, regardless of any subsequent permissions which are set for that user
For example, Jane Smith creates ABC Inc. but is later added to a filter that attempts to restrict Jane's ability to edit the entity, she will still be able to edit the entity
Solution: To restrict permissions to the entity created by a user who no longer should have access, export the Entity from the account. Have another User re-import the Entity - the User who re-imports the Entity becomes the Creator thereby restricting access to the original Creator
How do I create an ethical wall to prevent a specific user from seeing a specific entity?
Note: By default, users do not have permission to view any entities in the system. This accords to the principle of least privilege. Accordingly, positive steps must be taken to grant a user access to one or more entities. Admins always have access to all users and their access cannot be restricted.
Permissions in MinuteBox are extremely powerful and dynamic, allowing for incredibly granular permission structures. There are many ways to accomplish the same end. This article provides one example on how to create an ethical wall to prevent a specific user from seeing a specific entity.
If you are not yet familiar with permissions, generally, please be sure to read our article titled How do I set permissions for users for an introduction.
Note: Permissions in MinuteBox are cumulative. This means that if a user is given permissions across multiple User filter groups for the same entity, that user will have maximum permissions granted. E.g. If Jane has permissions to View an entity in one permission set and permissions to Update and Edit the same entity in another permission set, Jane will have permission to View, Update and Edit that entity.
Accordingly, to prevent a user from accessing one or more entities pursuant to an ethical wall, you accomplish this through negative, rather than positive action. I.e. you accomplish this by ensuring to not grant the user access permissions rather than taking specific positive action to restrict the user.
1. Give general permissions to some or all users
- Create a User filter that includes all users except the user you wish to restrict.
- Grant those users View access to some or all entities in your account, including the ones you wish to protect with an ethical wall.
2. Give restricted access to users subject to an ethical wall
- Create a User filter that includes only the users subject to an ethical wall.
- Create an entity filter with all the entities you want to give those users access to (i.e. ensure the that entities subject to an ethical wall are not included in that entity filter).
- Give that User filter group permission to the restricted group of entities.