Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Instructions to Restrict Access to the Main Tool

Updated: 9/302014

Applies to SSP v2.5.2 or later

Purpose: 

By default, the Main Tool is available for any users that can access the SSP portlet.  In some cases, the data may not be suitable for every SSP user.  New permissions added to SSP in v2.5.2 allow users to access SSP tools like Journal and Action Plan without accessing the Main Tool.  The instructions below describe how to remove the Main Tool from a SSP role.  The below are an example for the Support Staff role, but any role could be adjusted.

Permission Comparison


PERSONPERSON_FILTERED
  • Student Search
  • Add and Edit Student
  • Coaching History Report
  • Main Tool
  • Student Search
  • Add and Edit Student

Steps

  1. Remove the PERSON permissions from the desired group (Support Staff in the example)
  2. Add the PERSON_FILTERED permissions to the desired group (Support Staff in the example) 
  3. Clear the permission caches


Step 1: Remove the PERSON permissions

  1. As an administrator, navigate to Manage Users -> Manage permissions
  2. Use Ctrl+F to find the "PERSON_READ" permission. Click it.
  3. You will see a list of SSP roles with the PERSON_READ permission
  4. Select Edit in the row for SSP_SUPPORT_STAFF
  5. Click the Choose Principals buttons
  6. In the right column named "Your Selections" hover SSP_SUPPORT_STAFF and click on the red icon with the dash symbol in the middle. This will remove the role from the list.
  7. Click the Submit button in the lower right corner when finished
  8. Confirm that the SSP_SUPPORT_STAFF role has been removed.  If not, change the selection from Grant to Deny
  9. Choose the Manage Users link again from the top menu
  10. Repeat for PERSON_WRITE


Step 2: Add the PERSON_FILTERED permissions

  1. As an administrator, navigate to Manage Users -> Manage permissions
  2. Use Ctrl+F to find the "PERSON_FILTERED_READ" permission. Click it.
  3. Click on Add an Assignment
  4. Type in All Permissions in the entry box
  5. Click the Submit button
  6. Click the Choose Principals buttons
  7. Select SSP Roles in the Groups list
  8. Select SSP_SUPPORT_STAFF
  9. Click the green plus icon near the top to add the group to the Your Selection box on the right
  10. Click the Submit button in the lower right corner when finished
  11. Select grant for the SSP_SUPPORT_STAFF ENTRY
  12. Choose the Manage Users link again from the top menu
  13. Repeat for PERSON_FILTERED_WRITE

Step 3: Clear caches

  1. Log in to the application as a super user and expand the flyout menu in the top right and select "Platform Administration"
  2. Click "Manage Cache instances"
  3. Click "Empty All Caches"
  4. Click "Empty All Caches" (again)
  • No labels