About Permissions

Fusion Manage uses permissions to control user access to your site data based on individual workspaces. All users require an authorized account to access workspace data, but the permissions associated with an account dictate which data the user can access and how.

This permission-based access control allows you to customize the functionality of Fusion Manage for different users of your site. Take the example of a Project Costing workspace in which you want only users with a project costing role in your organization to access costing data and perform costing tasks. To deny access to the workspace by all other users, grant the required permissions only to the project costing users . Alternatively, if you want to allow all users to view costing data but not edit it, grant read access to all users and grant read-write access only to users who perform project costing tasks.

Core Elements

The Fusion Manage permission management system allows you to control user access in a way that mirrors the varying responsibilities of your employees or members of your organization. Utilizing the core elements of the system—Users, Groups, and Roles—you can create different collections of permissions to reflect these responsibilities, and then associate the collections to your users accordingly.

Below is a visual depiction of these core elements and how they work together, followed by descriptions and examples of these elements.

Core elements of system permissions

Permissions

A permission in Fusion Manage is an action a user can perform, such as viewing, adding, editing, and deleting data. Workspace permissions reflect functionality for managing items in workspaces. Special permissions reflect global functionality, such as running imports and sharing reports. These permissions are already set up on your site and categorized according to functional area. For example, the Relationships category contains the Add Relationships, Delete Relationships, Edit Relationships, and View Relationships permissions. To view a list of all pre-defined permissions, see Workspace Permissions.

Another type of permission in Fusion Manage is workflow permissions. These permissions limit who can and cannot perform certain actions in a workflow (also known as transitions). You grant workflow permissions to users the same way you do workspace permissions. The difference is that you can define your own workflow permissions and assign them to one or more transitions according to your specific needs. For more help on workflow permissions, see Workflow Permissions.

Roles

A role is a collection of permissions you define for a certain workspace based on the functionality you want to enable in the workspace. Roles can contain both workspace permissions and workflow permissions.

Take the example of a Customers workspace that stores customer details and customer subscription information. To reflect these two separate functions within the workspace, set up two separate roles. A Customer Details role contains permissions like viewing, adding, and deleting customer details. A Customer Subscriptions role contains permissions for linking customers in the workspace to purchased subscription items stored in another workspace.

Groups

Groups consist of one or more assigned permission roles and, by extension, one or more collections of permissions. You can create groups to mirror departments or divisions within your company or organization and assign your users to groups in meaningful ways.

An example of a group is Customer Registration, which is assigned the Customer Details role and an Address Details role. Address Details contains permissions similar to Customer Details, but its permissions apply to a different workspace that contains address data (Addresses). By assigning roles to the Customer Registration group in this way, you can associate both Customer Details and Address Details responsibilities with a user in one simple step. Another example of a group is Customer Purchases, which is assigned the Customer Subscriptions role.

Users

A user represents an individual person with an account for signing in to your Fusion Manage site. By adding a user to one or more groups consisting of roles, in just a few steps you can grant the user permissions that mirror his or her responsibilities.

An example of a user is a Sales Representative whose responsibilities consist of managing customer registrations and subscriptions, as well as sales leads. To grant this user permissions consistent with these responsibilities, add the user to the Customer Purchases and Customer Registration groups, as well as to a Lead Management group. The Lead Management group is assigned the Sales Lead Details role, which consists of the permissions required by the user to access and manage data in the Sales Leads workspace.

Granting a user's permissions consistent with the user's responsibilities

Note: For more guidance on setting up permissions on your Fusion Manage site, see Best Practices.

License Types

License Types help you manage and effectively allocate your Fusion Manage user licenses. There are two types of license, Participant and Professional. Every user with access to your site must be assigned one of these licenses. Once you have assigned all your user licenses, you cannot add any more users.

Participant

Users access workspaces according to their permissions setup, but that access is automatically restricted to view-only functionality.

Professional

Users have no additional restrictions placed on their permissions.