User types explained
Gjallar has had the ability to mark specific users as "reporters" which means that they can login and create cases - but they can't do anything more than that - they can't even track their own cases.
The advantages of using "reporters" are:
- The users can enter "structured information" using forms and fields which they can't do if they instead create cases by sending email to Gjallar.
- One need not worry about these users seeing information that they should not see, because they can't see anything at all. Security by... brute force. :)
The disadvantages are obvious - if you use Gjallar to track cases created by your customers (or other external organisations) you would of course like your customers to be able to login and follow what is going on with their cases. But they should not be allowed to see other cases, and they should only be allowed to use a certain set of limited functionality.
Beginning with Gefjon Gjallar has something called "user types" and a global registry of organisations which in combination solves the above problem (we like to think).
In Gefjon you can now as an administrator maintain a global list of organisations with their names and a textual description. It is trivial.
Then each user can be associated with one (and only one) of these organisations, or none. This has no immediate effect other than that the name of the organisation is shown in the tooltip which you see if you hoover over a user. The organisation is also shown under Settings>>Person, but the user can not change this, only the administrator can.
Users in Gjallar now has a "user type" and the following three types are available in Gefjon:
The type affects:
- What the user can see
- Which modifying functions that the user has access to
- How "My View" looks for the user
- Which main functions that are available in the table of contents to the left
Users are not marked as "Reporter" in a checkbox anymore, instead you set the user type to "Reporter" to get the same effect.
A "Reporter" works like before which means that they can log in and create cases in the processes that they have been assigned access to - but they can't track their cases or se any other information.
The only information they gain is the case number that the created cases are assigned.
An "External" user can do a lot more than a "Reporter", but is still highly limited. Just like a reporter an external user can create cases. An external user also has a "My View" but it is different from a regular user's, it has two panels:
- "Our non closed cases", all cases created by users from the same organisation that are not closed.
- "Our closed cases", all cases created by users from the same organisation that are closed.
Further an external user can:
- See all information about cases from its own organisation for example:
- All forms (tabs) and the History and Workflow tabs
- All notes on the cases
- Create notes on cases from its own organisation.
- Jump to a case from its own organisation given the number in the "Jump" field to the left. (if the global jump plugin is started)
- Create subscriptions for events, but only for a smaller subset of events. These subscriptions are only triggered for cases from its own organisation.
An external user can NOT:
- Edit cases
- Edit wiki help
- Follow links between cases if the linked case is not from its own organisation. Only the number of the linked case is shown (not status/stage) in this case. If the link is to a case in a different process that the user has no access to, the link is not shown at all.
- See of use modifying plugins shown below the case like for example "Take responsibility", "Move in workflow" etc
- See other cases than the cases that users from its own organisation has created.