Office Permissions
In 4HSE, the Office is a fundamental operational entity. Managing permissions at this level gives you the flexibility to delegate specific responsibilities to teams or individual employees operating in different locations. An Office permission is the “pass” that allows a user to act within that defined corporate space.
Permission Groups for the Office
Section titled “Permission Groups for the Office”To better organize roles, 4HSE provides several permission groups, divided into two categories.
Generic Roles
Section titled “Generic Roles”Define access to the entire Office. Available groups are:
- Manager: for those responsible for overseeing Office operations.
- User: for those who need to view Office data without modifying it.
- Guest: for limited access to certain sections.
- NA (No Access): for those who should have no access to Office data.
Area Roles
Section titled “Area Roles”These specific roles apply only to certain functional areas, such as training or maintenance. They allow you to create true specialists with targeted permissions.
- Training Manager, Training User, Training NA
- Health Surveillance Manager, Health Surveillance User, Health Surveillance NA
- Personal Protection Manager, Personal Protection User, Personal Protection NA
- Procedure Manager, Procedure User, Procedure NA
- Maintenance Manager, Maintenance User, Maintenance NA
Overview of Permissions
Section titled “Overview of Permissions”Generic Office Permissions
Section titled “Generic Office Permissions”| Group | Office Permissions |
|---|---|
| Manager | Read and write permissions Can modify data, add/remove users, and view reports NOTE: Adding/removing users is only possible if also a Project Admin. |
| User | Read-only permissions on Office data |
| Guest | Limited access to certain sections: Human Resources, Material Resources, Work Phases, Safety Organization Chart, and Actions |
| NA | No access to Office data |
Permissions for the “Training” Area
Section titled “Permissions for the “Training” Area”| Group | Training Area Permissions |
|---|---|
| Training Manager | Full control over training actions: can create, modify, and delete Has access to related data (e.g., associated people) |
| Training User | Can view training data and related entities |
| Training NA | No access to the training area |
Permissions for the “Health Surveillance” Area
Section titled “Permissions for the “Health Surveillance” Area”| Group | Health Surveillance Area Permissions |
|---|---|
| Health Surveillance Manager | Full control over health surveillance actions Has access to related data (e.g., associated people) |
| Health Surveillance User | Can view health surveillance data and related entities |
| Health Surveillance NA | No access to the health surveillance area |
Permissions for the “Personal Protection” Area
Section titled “Permissions for the “Personal Protection” Area”| Group | Personal Protection Area Permissions |
|---|---|
| Personal Protection Manager | Full control over personal protection actions. Has access to related data (e.g., associated people/PPE) |
| Personal Protection User | Can view personal protection data and related entities |
| Personal Protection NA | No access to the personal protection area |
Permissions for the “Procedures” Area
Section titled “Permissions for the “Procedures” Area”| Group | Procedure Area Permissions |
|---|---|
| Procedure Manager | Full control over procedure actions. Has access to related data (e.g., people/offices/material resources) |
| Procedure User | Can view procedure data and related entities |
| Procedure NA | No access to the procedure area |
Permissions for the “Maintenance” Area
Section titled “Permissions for the “Maintenance” Area”| Group | Maintenance Area Permissions |
|---|---|
| Maintenance Manager | Full control over maintenance actions: can create, modify, and delete. Has access to related data (e.g., offices/material resources) |
| Maintenance User | Can view maintenance data and related entities |
| Maintenance NA | No access to the maintenance area |
Inheritance and Flexibility
Section titled “Inheritance and Flexibility”As with Project permissions, Office permissions propagate to entities linked to it.
An Office Manager inherits Manager permissions on People and Actions linked to that Office. An Office User inherits User permissions on People and Actions linked to it.
Office permissions are an intelligent extension of Project permissions. A user with a User role at the Project level, which grants visibility on everything, can have a higher role (e.g., Manager) on a specific functional area of the Office, such as training. This allows them to view all corporate data but have write permissions only in the training area, a perfect model for sector managers.
Permission Propagation
Section titled “Permission Propagation”| Office Role | Action Role | Person Role |
|---|---|---|
| Manager | Manager | Manager |
| User | User | User |
| Guest | User | User |
| NA | NA | NA |
Permission Propagation from Functional Area
Section titled “Permission Propagation from Functional Area”| Action Role | Person Role |
|---|---|
| Manager | Manager |
| User | User |
| NA | NA |
How to Set Office Permissions
Section titled “How to Set Office Permissions”To configure permissions for an office in 4HSE, you can act on two levels.
1. Manage Permission Groups
Section titled “1. Manage Permission Groups”- Open the office of interest, navigate to Administration in the menu, and select Permissions.
- In the Groups section, you will see the list of generic roles (Manager, User, Guest, NA) that apply to the entire office.
- Select the role you want to manage.
- The Details section shows users already assigned to that group.
- To add or remove users, click the “new” button and enter their email.
2. Configure Area Permissions
Section titled “2. Configure Area Permissions”For more granular management, you can combine Project and Office permissions to limit access and write permissions to specific functional areas.
Here’s how to assign permissions to a user for the Maintenance Area while limiting access to other entities:
- Open the Office of interest, navigate to Administration in the menu, and select Permissions, then Groups.
- Select the Maintenance Manager permission group.
- The Details section shows users already assigned to that group.
- To add a new user, click the “new” button and enter their email.