Roles, Permissions and Accessing Contacts and their data
The overarching framework in use here is that some users should be restricted to only access contacts for whom they have an appropriate 'relationship chain'. For example, Mary is Officer for Electorate X, and can therefore only access contacts who are 'member of' Electorate X.
Mary is Electorate Officer for Electorate X, which is the Electorate of John, Alice, Louise and Barry.
Hence Mary can access data about John, Alice, Louise and Barry, but no one else. If Barry moves, and hence gets an 'Electorate is' relationship to another Electorate, then Mary loses access to his information.
This approach can also 'cascade', i.e. a Province Officer could see the contacts who are in any of the electorates that are connected to the Province.
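The relationship-chain rule above, as a small Python model. This is an added illustration, not CiviCRM or Drupal code: the class and function names, the Province Officer 'Paula', 'Province P', 'Electorate Y' and the contact 'Zoe' are constructed for the example, and it assumes a move replaces the contact's single 'Electorate is' relationship.

```python
from collections import defaultdict

class RelationshipGraph:
    """Toy model: access follows officer -> area -> (sub-areas) -> contacts."""

    def __init__(self):
        self.officer_of = defaultdict(set)  # user -> areas they are Officer for
        self.sub_areas = defaultdict(set)   # area -> connected areas (Province -> Electorates)
        self.electorate_is = {}             # contact -> current Electorate

    def set_electorate(self, contact, electorate):
        # Assumption: one 'Electorate is' relationship per contact; a move replaces it.
        self.electorate_is[contact] = electorate

    def areas_for(self, user):
        """Every area reachable from the user's officer relationships (the cascade)."""
        seen, stack = set(), list(self.officer_of.get(user, ()))
        while stack:
            area = stack.pop()
            if area not in seen:  # also protects against cyclic area links
                seen.add(area)
                stack.extend(self.sub_areas.get(area, ()))
        return seen

    def permitted_contacts(self, user):
        areas = self.areas_for(user)
        return {c for c, e in self.electorate_is.items() if e in areas}

    def can_access(self, user, contact):
        # Default deny: no relationship chain, no access.
        return self.electorate_is.get(contact) in self.areas_for(user)

def build_demo():
    """Constructed data: Mary and her four contacts are from the text, the rest is invented."""
    g = RelationshipGraph()
    g.officer_of["Mary"].add("Electorate X")
    g.officer_of["Paula"].add("Province P")
    g.sub_areas["Province P"].update({"Electorate X", "Electorate Y"})
    for name in ("John", "Alice", "Louise", "Barry"):
        g.set_electorate(name, "Electorate X")
    g.set_electorate("Zoe", "Electorate Y")
    return g

if __name__ == "__main__":
    g = build_demo()
    print(sorted(g.permitted_contacts("Mary")))   # Mary sees only Electorate X
    g.set_electorate("Barry", "Electorate Y")     # Barry moves
    print(g.can_access("Mary", "Barry"), g.can_access("Paula", "Barry"))
```

Because access is computed from the current relationships on every check, there is no separate grant to revoke when a contact moves.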
In addition, Drupal permissions are used to determine if a user has access to CiviCRM itself, or only to see their 'permitted contacts' through Views and Webforms.
The Drupal permissions also let us specify if a user can View or Edit things like Contributions, Memberships etc in CiviCRM itself. Whether or not they can access View displays of such data is determined by the Views settings.
Therefore a user could have access to CiviCRM, but not to Membership in CiviCRM, yet still be allowed to 'see' Membership Status via a Views display of their permitted contacts.
NOTE: This is purely an example of the combination of Roles and Permissions that can be deployed. Each site will get its own unique combination to meet its requirements.
The Roles in use here are as follows:
Tester
This is the role that most users will get when logging on to the Demo site. It is primarily there as an 'entry point' so that you can then Masquerade as a user with one of the other Roles.
Volunteer (Read Only)
This role is the most restricted. It will find ONLY contacts in the specified Geographic area and can only 'view' a Contact's data, not change it, but can still 'add Activities' etc.
Volunteer (E)
This role will find ONLY contacts in the specified Geographic area and can edit their Contact Details, but cannot view Contributions. They can view Membership data.
Officer
This role is restricted in terms of which CiviCRM contacts you will see. Each Officer has a relationship to a specified Geographic area (a CiviCRM contact which represents a Branch or Electorate etc). They will therefore ONLY see contacts that are related to that same area. They can see Membership and Contribution data.
CRM Admin
This is the most empowered role. Using this role you will have access to nearly all features in CiviCRM and have access to ALL CiviCRM contacts.
The table below summarises some of these options.
| | Tester | Volunteer (V) | Volunteer (E) | Officer | CRM Admin |
|---|---|---|---|---|---|
| | Less Access | > | > | > | More Access |
| Access CiviCRM directly | No | No | No | No | Yes |
| Contacts they access | Own record | Contacts in 'electorate' | Contacts in 'electorate' | Contacts in 'electorate' | All contacts |
| Name/Address etc | Edit Own | View | Edit | Edit | Edit |
| Contributions | View Own | View Own | View | Edit | Edit |
| Memberships | View Own | View Own | View | Edit | Edit |