workflow:permissions

Permissions editor

The Pyrus permissions editor lets you determine who has what level of access to a form and the requests that it generates.

Pyrus has a set of default permissions. For example, a user with supervisor rights can see every task created within the organization, and a form administrator can see all tasks based on that form. Read the article Who Can See My Task to learn more about default permissions.

The permissions editor lets you go a step further, doing things like hide parts of the form from certain users, or give different people different levels of access to the form register. This way you can include clients and observers, like quality assurance managers and auditors, into your workflow.

Suppose a company that provides workflow management software to restaurant chains. When something goes wrong, restaurants reach out to their respective dealers or to the company’s support service. Both the company and the dealers manage the restaurants’ help requests in an integrated Pyrus service desk.

Everyone in this workflow needs access to these requests. But while the company needs to see every request, the dealers only need access to partner restaurant requests, and the chains are only interested in the requests coming from their own restaurants.

This problem can be solved by giving each of them one of the following levels of access.

Member

Who needs it:

Call center operators and company employees.

Member-level access is for employees who aren’t in the workflow but need to be able to fill out a form. For example, company employees with member access can resolve technical issues by filling out a service ticket form and sending a help request to the company’s support service. Or the company’s call center operator can use member-level access to register client requests. The operator opens an empty request form, fills it out according to what the client says over the phone, and sends it down the workflow.

Members can:

  • Create new requests.
  • See requests they participate in.
  • Read and add task comments, both internal and external.

Members can’t:

  • Change form settings.
  • See requests they don’t participate in.

Pyrus tip: Employees who are part of the workflow are members by default. They can create requests, see the requests they participate in, and add comments. If a person isn’t in the workflow but needs to create new requests, they need member-level access rights. Alternatively, you can make the form visible to all company‎ employees.

Guest

Who needs it:

Restaurant chain supervisors who monitor the restaurants’ requests. This level of access lets the company give the client access to the restaurants’ service tickets while hiding confidential information like internal conversations, workflow specifics, and the dashboard.

Guests can:

  • See all requests based on the form, or a specific group of requests if the guest has conditional access.
  • Leave comments in the request.
  • See messages from the support specialist and the client, if they’re corresponding via email or a messenger.
  • Create new requests.

If you need the quality assurance manager to only see the requests of his or her restaurant chain, set the corresponding condition:

Guests can’t:

  • See internal correspondence, such as messages sent between company employees or support specialists.
  • See the dashboard.
  • See or change form settings.

Manager with restricted access

Who needs it:

Dealers’ customer service managers. This level of access gives them the ability to monitor the requests and dashboards of their partner restaurants. Unlike guests, they have access to in-company correspondence, and can participate in it.

Managers with restricted access can:

  • See requests they have access to according to the specified conditions.
  • See and take part in internal correspondence.
  • See the dashboard.
  • Create new requests.

If you need the dealer’s managers to only see the requests of their respective restaurant chain, set a condition:

Managers with restricted access can’t:

  • Change form settings.
  • See requests they don’t have access to according to the specified conditions.

Manager

Who needs it:

The company’s customer service managers, so that they have access to service tickets that restaurants send to the dealers. This way, the managers can see all service requests and understand how well the dealers handle the restaurants’ service tickets.

Managers can:

  • See all requests based on the form.
  • See and take part in internal correspondence.
  • See the dashboard.
  • Create new requests.

Managers can’t:

Change form settings.

Administrator

Who needs it:

The company’s support specialists and technical professionals. This level of access grants someone full control over the company’s service desk.

Administrators can:

  • See all requests based on the form.
  • Read and take part in internal correspondence.
  • See the dashboard.
  • Create new requests.
  • Change form settings, add/delete fields, change approvers and workflow steps, and grant access rights.
  • Change the contents of immutable fields.

Setting up permissions

To open the permissions editor, go to the form’s settings and click on Edit permissions.

It’s a lot like the workflow editor, but without steps. In the Members column, add the people you want to grant access to, then assign them the appropriate access level in the Permissions column.

Click on Add condition to determine the circumstances under which members will have access to requests.

Select the field you want to assign a condition to. In our example, we wanted the restaurant chain supervisor to only have access to requests from his chain, so we chose the “Restaurants” catalog field, the condition “=”, and then the name of the restaurant chain from the catalog:

By adding a condition column, you also enable the “Manager with restricted access” permission level. This level of access is unavailable without a condition.

You can give access to the form not only to the people listed in the editor, but also to your entire organization:

If the form is accessible to all company employees, each of them can find it in their Forms section. The default level of access for each employee is Member, meaning they can create requests and participate in internal correspondence.

If the form is only accessible to people listed in the permissions editor, then other company employees can’t see it in their accounts. Meanwhile, those who do have access to it can see it in their Forms section, next to a lock icon.

Sometimes you’ll need to include someone in your approval process who’s not using Pyrus, like a contractor or a client. Send them a shareable link that will let them register in Pyrus and gain access to the form.

Go to the form’s permissions editor, click on Enable shareable link, then copy the link and send it to anyone else who needs access.

They will automatically get Member level access, meaning they’ll be able to fill out the form and leave comments. They will also appear on the Members list. You can change their permission later if the situation calls for it.

Was this article helpful?

Yes, thanks! No, I have a question