Create and change user permissions
Kompass is a permission-based platform that provides our customers with the ability to precisely define the access rights for each user. This means that users can be granted specific permissions, such as viewing, editing, or deleting certain data, while also restricting access to sensitive information. This level of control ensures that the right people have the right level of access to the right information, maintaining security and confidentiality.
Now, let's delve into the detailed steps required for creating and modifying permissions for your users. By following these steps, you can ensure that your users have the appropriate level of access to perform their roles effectively within the platform.
Creating permission groups
A permission group is a collection of permissions that can be assigned to your users. For example, you might have a permission group with all permissions needed to create, edit, and delete equipment. Or another permission group might provide full access on the expenses module. To create a permission group, head to your /api/admin account and select "Groups" under "Authentication and Authorization" (1). Click "Add group" to create a new permission group (2).
In the new screen, you can set the name of the new permission group (1), find all available permissions (2), choose the permissions you need for your permission group (3), and assign them to the users you want to have such permissions (4), (5). You can select or remove permissions and users by using the available arrow buttons (6), (7).
Once the permission group is saved, you will be able to also assign it to users from the frontend. Just edit the user and select the permission groups you need (1).
Changing permissions of existing permission group
Select the permission group you want to change, and add or remove permissions (3), (4) by using the arrow buttons. Click "Save".
Note that if you want to create a permission group that is similar to an existing one, it would be faster to edit the existing permission group and click "Save as new". That way, the existing permission group will not be changed, and the new one will have the permissions you need.
Types of permissions
At the time of writing, there are over 750 different permissions available in Kompass. Therefore, it will not be possible to cover all of them in this article. However, we will present the most common ones and describe some of the most frequently used keywords in the table below.
| Keywords | Description |
| Can add... | Allows to add the feature you are selecting. Some of them can be only added via the API Admin (like departments, services, project categories) while other can be added from the frontend (create a project, a new employee's account, a new equipment etc.) |
| Can change... | As above but that allows editing the existing records. In some occasions you can select what users can edit based on their job role and department. For example, department managers can be able to only edit timesheets of users assigned to their departments. |
| Can delete... | As above. |
| Can export... | These permissions allow users to export datasets like, users' list, projects, project performances etc. |
| Can view... | For any of the permissions above to work, users must also have the "can view" permission selected. No help really being able to create or edit a user account when you cannot actually view them🙂. |
At first, the large number of permissions can seem overwhelming, but by using the search filter in the permissions boxes, you'll soon be able to navigate through them. However, if you encounter any difficulties with permissions, please feel free to contact us.