User roles and item permissions
For container-level roles, administrators can configure item permissions for each role. The following table provides information about the available permissions:
|Permission Name||Item name||Description|
Enables the user to view or edit all items of the selected type in the container.
For example, if the selected item type is Incidents, the user can view or edit all incidents in the container.
|Assigned to Team's Items||Enables the user to view or edit items that are assigned to the teams to which the user belongs.|
Enables the user to view or edit items assigned to the themselves.
|Linked to user|
Enables the user to view or edit the items that are linked to the contact of the user. If this option is enabled, to view or edit the records, the value of the primary key for the contact linked to the record must match the user ID that is used to log on to the FootPrints system.
For example, the primary key of the user is specified as the email address in the address book (email@example.com). This email address is also the username by which user logs on the FootPrints system. In this case, the user can view any tickets that have the contact as the email address (firstname.lastname@example.org).
|Submitted Items||Enables the user to view or edit items that they submitted.|
|Pending approval by user|
(View only) Enables the user to view items that are currently pending their approval.
|Global items||Enables the user to view or edit all global items.|
Enables the user to view or edit all items that have the same organizational unit, which is specified in their contact record.
|Create||Global items||Enables the user to create global items.|
Enables the user to copy items or move items to another record type within the same container to another container.
Note: The users can only move items within the same container type.
|Unlock||Enables the user to unlock items that are being edited by another user.|
|Delete||All||Enables the user to delete all items.|
|Submitted Items||Enables the user to delete items that they submitted.|
|Organizational Unit||Enables the user to delete all items that have the same organizational unit, which is specified in their contact record.|
|Subscribe to global items||Enables the user to subscribe to global items selected by the user.|
- If no workflows are configured, only the item permissions are applied.
- Workflow permissions must be applied only if the workflow is defined and active and the record is in an appropriate state.
- When workflow permissions are applied with item permissions, item permissions are checked first, and workflow permissions are additionally applied to restrict what is allowed by the item permissions.
For example, if the item permissions enable the user to edit items in all states, workflow permissions can be used to restrict users from editing items in the Closed state.
- Item permissions take a precedence over the workflow permissions.
For example, if the item permissions do not allow a user to view records, but the workflow permissions allow to view tickets in Closed state, the user cannot view the items in the Closed state.