Access rights in HRSD
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 08:23 AM
We are working with the access right structure for Case Mgmt in HRSD.
As I understand it, out of the box all HR Professionals (users with the sn_hr_core.basic role) can read and write all cases.
Is that correct?
Do you have examples on other types of access models being implemented? Like access by Center of Excellence or Assignment groups?
//Tomas
- Labels:
-
Case and Knowledge Management

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 10:58 AM
Hello Tomas,
Yes that is correct - users with the HR basic will have read/write access to HR Cases. When it comes to things like Employee Relations Cases, you might typically want tighter access around those. So you would need to build out additional ACLs around their Cases/Services.
For example, we have an HR Call Center (Employee Resource Center (ERC)), that handle most of our Cases. When they create Employee Relation Cases themselves, they will have access to them up until the Ready State. But while in Draft (since that state is considered when the initial work/info is being entered), they have access to that type of Case.
Here is an example of one of my Read ACLs for Employee Relation Cases: (having the impersonate check is important and handy too)
Hope this helps - let us know if you have additional questions, etc.
Cheers,
-Rob
*If I have answered your question please click 'Correct'
*If I have given helpful information, please click 'Helpful'
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-26-2019 01:41 AM
Thanks! Did you also create specific roles for Employee Relations table?
//Tomas

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-26-2019 07:16 AM
Hey Tomas,
Yes we sure did! Probably more than normal as we are using 3 levels when it comes to our Employee Relations team. They have several reps that handle different things. So there is a lot of roles based on their level as well.
I also have additional roles for these groups as I created 3 related tables to have a relationship with the employee relations COE. These additional tables house things like interviews specific to their own cases, evidence, and union grievances. While we let these three tabs (related tables) be shown to any ER Case, each record can only reference the Case it was added to. That way everyone isn't seeing everyone else's records.
Quick example:
Level 1 can see ALL ER Cases, Level 2 can only see their level and level 3, and then of course, level 3 can only see theirs. BUT... If anyone in the lower levels needs to help out a higher level case, they are added as a collaborator and can only see the higher level case they are a collaborator for. So there was some additional work there for security
Hope this helps - please let us know if you need anything more 🙂
Cheers,
-Rob
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-23-2019 09:26 PM
Hi Tomas,
We created COE level ACL i.e. Read ACL . Kindly find below ACL :
PFA for ACL script .
There is another Table named HR access Mapping Table wherein depending on topic category and topic detail specific roles are assigned to Assignment group.
Thanks
Manasa