| Group | Permission ID | Description |
|---|
| Accounts | account:delete | - Allows accounts to be deleted
|
| | account:read | - Allows account objects to be read
|
| | account:write | - Allows account objects to be created or updated
|
| Account Locations | accountloc:delete | - Allows account Location objects to be deleted
| Note |
|---|
The list of account locations that can be deleted is further restricted to those in work centers the logged in user is allowed to mange. |
|
| | accountloc:read | - Allows Account Location objects to be read
| Note |
|---|
The list of account locations that can be viewed is further restricted to those in work centers the logged in user is allowed to manage. |
|
| | accountloc:write | - Allows Account Location objects to be created or updated
| Note |
|---|
The list of account locations that can be updated is further restricted to those in work centers the logged in user is allowed to manage. |
|
| Alert | alert:create | - Allows alerts to be created
|
| Asset | asset:delete | - Allows assets to be deleted
- The list of assets that can be deleted is further restricted to those in work centers the logged in user is allowed to mange.
|
| | asset:read | - Allows assets to be read
- The list of assets that can be viewed is further restricted to those in work centers the logged in user is allowed to manage.
|
| | asset:write | - Allows assets to be created or updated
|
| Field-Fields | flexfield:delete | - Allows Flex-Field definitions to be deleted
|
| | flexfield:read | - Allows Flex-Field definitions to be read
|
| | flexfield:write | - Allows Flex-Field definitions to be created or updated
|
| Flex-Forms | flexform:delete | - Allows Flex-Form definitions to be deleted
|
| | flexform:read | - Allows Flex-Form definitions to be read
|
| | flexform:write | - Allows Flex-Form definitions to be created or updated
|
| Gantt | gantt:read | - Allows the Gantt chart to be read
- The Gantt view is further restricted to the work centers the logged in user has access to
|
| | plannermap:read | - Allows the logged in user to view the planner map
|
| Reports | report:geolocation | - Allows access to the GEO Location Report
|
| | report:timesheet | - Allows access to the Time Sheet Report
- The report is further restricted to the work centers the logged in user has access to manage
|
| | report:timesheetsummary | - Allows access to the Time Sheet Summary Report
- The report is further restricted to the work centers the logged in user has access to manage
|
| System Categories | syscat:delete | - Allows system categories and activities to be deleted
| Note |
|---|
Some system categories have reserved codes that can not be deleted from the system. Please refer to the system category documentation for specific details. |
|
| | syscat:read | - Allows the logged in user to view the system category management section
| Note |
|---|
In order for the system to run, every user has read access to all system categories. This permissions is simply controlling whether or not the System Category Management section in the Nexus UI is visible. |
|
| | syscat:write | - Allows system categories to be created and updated
| Note |
|---|
Each system category can impose further rules on write access. Please refer to the system category documentation for specific details. |
|
| Timecard | timecard:approve | - Allows the logged in user to approve a user's timecard
- The feature is further restricted to the work centers the logged in user has access to manage
|
| | timecard:decline | - Allows the logged in user to decline a user's timecard
- The feature is further restricted to the work centers the logged in user has access to manage
|
| | timecard:read | - Allows the logged in user to view a user's timecard
|
| | timecard:reopen | - Allows the logged in user to re-open a user's timecard
- The feature is further restricted to the work centers the logged in user has access to manage
|
| User Management | user:changepassword | - Allows the logged in user to change (set) a user's password
| Warning |
|---|
It is not recommended to allow another user (even admin) to specifically set a user's password. The preferred way is to use the reset password feature. This will prevent the admin from ever knowing a user's password. |
|
| | user:delete | - Allows the logged in user to delete a user from the system
|
| | user:read | - Allows the logged in user to view all user's in the system
|
| | user:resetpassword | - Allows the logged in user to reset a user's password.
When a user's password is reset, and email it sent to the user with a link instructing them to reset their password. |
| | user:write | - Allows the logged in user to create and update a user object
|
| | user:assignroles | - Allows assigning and removing security roles from users.
| Note |
|---|
This permission should only be assigned to an administrator. |
|
| Work Center Management | workcenter:read | - Allows viewing the list of available work centers
|
| | workcenter:delete | - Allows the logged in user to delete a work center from the system
|
| | workcenter:assignmanager | - Allows the logged in user to assign other user's as manager for a work center
|
| | workcenter:write | - Allows the logged in user to create and update work centers
|
| Work Order Management | workorder:delete | - Allows the logged in user to delete a work order
| Note |
|---|
The list of work orders that can be deleted is further restricted to those in work centers the logged in user is allowed to manage. |
|
| | workorder:read | - Allows the logged in user to view work orders
| Note |
|---|
The list of work orders that can be viewed is further restricted to those in work centers the logged in user is allowed to manage. |
|
| | workorder:write | - Allows the logged in user to create or update a work order within the system
| Note |
|---|
The list of work orders that can be updated is further restricted to those in work centers the logged in user is allowed to manage. |
|
