In this guide we are going to provide you with the following information;
- What are Roles & Permissions
- Where to find Roles & Permissions
- How to Navigate Roles & Permissions
- Amending the Permissions
- Allocated Users
- User Access Control
- History and Audit Report
See also: How to Edit a Role and its Permissions , How to Assign Roles and How to Manage Roles in Vision.
Access: In order to access Roles & Permissions, you will need access to it within the Setup Module of Config>Setup>Roles & Permissions.
What are Roles & Permissions
- In order to log in to Bromcom, each staff member first needs a User Account.
- The User Account then needs to have at least one Role assigned to it for the staff member to be able to navigate the MIS.
- Lastly, a Role is comprised of multiple Permissions, these dictate what can be seen/access by staff members with that particular Role.
For example, you may have a Role on Bromcom called SENCO and the staff members with that Role now need to be able to create a Behaviour Event for a student. You would go to Roles & Permissions and enable the specific Permission that allows the SENCO Role to add a Behaviour Event.
So when a staff member says ‘I need access to access the Cover Module‘, you are not giving them access to it, you are giving one of their Roles access to it. This means that any other staff members who share that Role will also now have the same access.
Ultimately, think of it as a chain. Staff members are given Roles and Roles are controlled by Permissions.
Where to find Roles and Permissions
To access Roles & Permissions, you need to go to Config>Setup>Roles & Permissions from the side Menu.
Note: If you cannot see Roles and Permissions then you will need to ask your System Administrator to enable it for you or assign you to a Role which does have access to it.
This will load the following screen where you will be presented with some options;
- New – Allows you to create a New Role manually.
- Export – Allows you to Export a Role from your system (retaining the specific permissions assigned to it).
- Import – Allows you to Import a Role to your system (retaining the specific permissions assigned to it).
- Audit Report – Allows you to run an Audit Report to see changes made to User Accounts and Roles. See the section on History.
For now, ignore the above and focus on the Roles drop down that says Not Selected.
Clicking on the Roles drop down will show you every Role currently on your system.
Note: Administrator is the only Role which cannot be Edited or Deleted because it has been designed especially to have total access of the system and some of the Permissions are hard coded to it.
Once you have selected the Role you wish to Edit, two further options will appear at the top of the screen (Edit and Delete).
Press Edit.
Pressing Edit will provide you with the Edit Role screen which is quite large and will be explained in further detail as we progress.
How to Navigate Roles and Permissions
Once you have selected the Role and pressed Edit, you will see Module: Administration, followed by a table of Permissions with tick boxes.
The Module drop down that you see is a direct reflection of the Modules within the MIS, meaning that the Module you select here means you will be amending the Permissions related to it.
For example, selecting Attendance refers to what you see in Modules/Config/Reports>Attendance and selecting Behaviour refers to what you see in Modules/Config/Reports>Behaviour.
Each Module and an example of what it controls is listed below;
- Administration – Controls actions/functions found within Modules or Config>Administration such as Finalise Admissions.
- Analysis – Controls actions/functions found within Modules or Config>Analysis such as PowerBI Configuration.
- Assessment – Controls actions/functions found within Modules or Config>Assessment such as View/Amend Assessment Data.
- Attendance – Controls actions/functions found within Modules or Config>Attendance such as Manage Attendance.
- Behaviour – Controls actions/functions found within Modules or Config>Behaviour such as Detention Review.
- Census – Controls actions/functions found within Modules>Census such as Learning Hours Maintenance.
- Communication – Controls actions/functions found within Modules or Config>Communication such as Watchlist Process.
- Cover – Controls actions/functions found within Modules or Config>Cover such as Special Event Codes.
- Curriculum – Controls actions/functions found within Modules or Config>Curriculum such as Tutor Group Promotion.
- Diary – Controls actions/functions found within Modules or Config>Diary such as Manage Equipment.
- Dinner – Controls actions/functions found within Modules or Config>Dinner such as Meal Definitions.
- Examination – Controls actions/functions found within Modules or Config>Examination such as Seating Organisation.
- Finance – Controls actions/functions found within Modules or Config>Finance such as Cost Centre Ledger Links.
- Framework – Controls actions/functions found within the Framework areas (the spine) of Bromcom. These include Students, Staff, Groups, Others (all found via side Menu), Versions and About (both found via User Profile Menu).
- MCAS – Controls actions/functions found within Modules or Config>MCAS such as Requested Changes.
- Profile – Controls actions/functions found within the Profile area of Bromcom which is essentially the Home Dashboard Staff see when they log in, such as the Attendance Dashboard or Insight Widgets.
- Reporting – Controls actions/functions found within the Reporting Module itself such as Web Merge Report.
- Report Design Permissions – This is additional sub section within Reporting and allows you to control which specific Domains (areas of data) Users can access to Report on/create Reports for.
- Setup – Controls actions/functions found within Modules or Config>Setup such as Daily Maintenance Settings.
- Student Portal – Controls actions/functions found within Modules or Config>Student Portal such as Learning Resources.
- Support – Controls actions/functions found within Config>Support>Document Templates.
Once you know which Module you need to navigate to, click on it.
Amending the Permissions
Depending on the Module that you select, the table of Permissions will change to update all of the different functions/areas that exist within it.
Note: This Table always shows but is controlled by the Module that you select.
You will notice that some Permissions have tick boxes the following headings;
- Access – Provides the ability to see the action/function within an area such as Actions>Send SMS/Email from the Students List page.
- New – Provides the ability to create a new record/entity within an area such as Groups>New.
- Edit – Provides the ability to amend a record/entity within an area such as double clicking on a Contact to edit their details.
- Delete – Provides the ability to delete a record/entity within an area such as the Bin icon that appears when you hover over a Contact before editing their details.
- Save – Allows you to Save a record/entity within an area such as Adding User Defined Fields.
Note: if a staff member says that they can see the area they want but can’t Add or Edit anything, it is highly likely that they are lacking Permissions for New, Edit or Save and only have Access.
You can also tick one/all of the five headings to tick/enable all Permissions under it should you wish (only do this when you are 100% happy for staff members with the Role to have full access to the Module).
Allocated Users
When you are editing a Role, as you scroll down you will see an Allocated Users section.
This tells you which Users/staff members within your system are assigned to the Role you are currently editing.
You can add more Users to this Role in this area by pressing Add New User if you wish.
You can also Delete Users in this area by pressing the Red Bin Icon if you wish.
User Access Control
And lastly, the final Part is User Access Control.
This allows you to set specific days/times that the staff members with this Role can log into the system. You can also set specific IP Addresses (locations) which staff members must at in order to log in.
For example, if you only want Users to log in from school and not at home, you would set the School’s IP Address in the Location Based Access Controls area on the right.
Important: Whatever changes you are making and whichever Permissions you are enabling, please ensure that you Save the page each time.
Once changes have been made to a Role, staff members with that Role must log out of Bromcom completely and log back in to see the changes take effect.
History and Audit Report
To see a History of changes made to a role with the ability to export click on the top right History
A pop up will show the History of changes made.
Click Export
The file will then download as an excel worksheet to your local computer.
Alternatively, click on the Audit Report button from the Roles and Permissions page to see changes made to all User Accounts and Roles.
The Audit Report defaults to list changes over the last 7 days. In here, a user can Filter/Reset by Column header, Sort by Column, Search by keyword, Clear Column Filters, and Export as Excel.
Click on Filter in the top left hand corner to see the Audit Report Filters popup where you can: View By [By User Accounts to filter on User Accounts, and By Roles to filter on Roles and Modules], and amend Date Range. Click Save after any changes.
Applied Filters will appear in green in the top left hand corner next to the Date Range.