Permissions

About permissions

Permission groups control what information (screens and data fields) and functions a user may access. Users may only be assigned to one permission group. Institutions may create as many permission groups to fit their needs though the more permission groups the more labor-intensive upkeep required. Campus Café delivers a set of permission groups based on functional role, such as admissions and registrar. These groups are model examples and will likely need to be adjusted based on the institution’s specific business processes. Campus Café recommends copying these groups to preserve the delivered groups as examples.

When Campus Cafe launches new features, new permissions are often added. However, these are typically not turned on in permission roles by default to allow institutions to evaluate whether they wish to implement the feature and provide any necessary training.  

Permission to activities can be controlled by setting permission group access to activity tracking templates.

Video overview of how permissions work in Campus Cafe

Prerequisites

  • If your institution uses single sign on, users created in that platform.

  • User accounts (usernames) exist in Campus Cafe for people who need access to the platform.

Required permissions

Module

Number

Description

Module

Number

Description

System Admin

127

Create or modify permission groups

Create permission group

Permission groups control what screens and data a user can see and what functions they can perform. Campus Cafe delivers groups as models but you’ll likely want to create your own tailored to your institution’s business processes.

  1. Go to Admin > Permissions.

  2. Click Add Group.

  3. In Group Name enter a name for the group.

  4. In Description, enter a description.

  5. In Default Semester, optionally select the default semester to show in drop downs such as course registration.

  6. In Default Dashboard, optionally select the default dashboard to show upon logging in to Campus Cafe. If no dashboard is chosen, the value in Entry_Page in Adjustable Text Maintenance will be shown. For the default dashboard to take effect, Refresh Data Cache must be run. This automatically runs each night but may be run manually by navigating to Admin > Refresh Data Cache.

  7. In Default Texting Member:Template select an activity tracking template that will be used to send a text message if no other activity tracking template is chosen when a text is sent. Texting requires a third-party contract with MessageMedia.

    image-20240331-144452.png
    In this example, we’ve created a group called STLIFE for our Student Life staff. When they use Campus Cafe, the Fall 2023 semester will show by default in most of their drop-down menus. When they log in, they’ll see the Student Services dashboard. If they text and don’t select a specific activity, Campus Cafe will use the activity Text in the A tracking member.
  8. Click Save

 

Custom Portal Entry Page for Different Permission Groups

On the Permission Group Create/Edit screen, there is an html box that allows the Default Entry Page HTML from the Adjustable Text Maintenance settings to be overwritten for a specific Permission Group. What this allows an institution to do is set up different portal pages with different links, pictures, etc. based on a permission group. e.g. an “Applicant” permission group can have a different set of links vs. an Accepted or Enrolled students.

image-20240725-165803.png

 

Copy permission group

Copying a permission group duplicates all access of the original group. This is helpful if creating a group from a delivered group or creating a tweaked version of an existing group.

  1. Go to Admin > Permissions.

  2. In Copy from Group choose the group to model the new group on.

  3. In Copy to Group enter the new group’s name.

  4. In New Group Description enter the new group’s description.

  5. Click Copy Group.

Assign permissions to permission group

Campus Cafe is divided into smaller parts (modules) to make managing permissions easier. These modules can be thought of as roles within the permission group. By assigning modules to a group, it is possible to permit a module implicitly. The user is then only able to access the objects in that module. The security administrator may then remove or restrict the user from functions within the module as necessary.

Modules include broad areas such as admissions, registration, alumni, faculty and student. The global module provides access to features common across the platform (e.g. the ability to change their own password) while the my info module provides access to information unique to the individual (e.g. their own transcript).

Master list of permissions

Before assigning permissions to a role, familiarize yourself with the permissions available.

  1. Go to Admin > Permissions.

  2. Click View All Permissions.

  3. A list of permissions appears along with their associated module. You can optionally use the search box to locate a specific permission or export the list to Excel by clicking the Excel button.

Assign module to permission group

A module contains a set of permission to see and work with various data and screens. For example, the module Global contains access to many functions that all users of Campus Cafe may need.

Once you assign a module, you can drill into the module and control access to specific data or functions.

Permissions are generally provided when the module is granted to the group unless specifically removed or restricted to read only.

  1. Go to Admin > Permissions.

  2. In the leftmost column, click the permission group to assign a permission.

  3. In the middle column, click the module to assign.

  4. Click Add. In general, this provides access to all data and functions in that module to the permission group.

Control individual data or function access

Once you’ve assigned a module to a permission group, you can further refine what that permission group can see and do.

  1. Go to Admin > Permissions.

  2. In the leftmost column, click the permission group to modify.

  3. In the far right column, click the module to modify.

  4. With the module still selected, click Edit Group Permissions.

  5. In general, if a permission appears in the left box the user has access to the information (screen) or function. To restrict access to a screen or function, check the box next to the permission and click Add Read Only (RO) or Click Add No Access (NA). In the below example, the user won’t see the FERPA informational screen upon login.

  6. In general, permissions take affect immediately although the user will be required to log out and log in to see changes.

Examples

Delete permission group

Deleting a permission group completely removes it from the Campus Cafe. Before being deleted, all users assigned to the permission group must be assigned to other groups.

Once deleted, a group cannot be recovered.

  1. Go to Admin > Permissions.

  2. In the first column, click the permission group to delete.

  3. Click Delete Group.

  4. Click OK to confirm deletion.

Permissions reports

Campus Cafe provides a search and delivered base reports to view users and permissions. The search is best for identifying users in a specific group or small cohorts of users. The base reports offer more detail.

User search

  1. Go to Admin > Users.

  2. Search by any combination of last name, first name or permission group. Maximum results supported is 9,999.

  3. Click Submit.

  4. To edit a user's permission group or username, click the magnifying glass to the left of the user.

Base reports

  1. Go to Faculty/Staff > Base Reports or SSRS Reports depending on your configuration of Campus Cafe

  2. Enter your report credentials. These are unique from your username and password.

  3. Click OK.

  4. Click the System folder.

    • Permissions Listing by Group and Module shows all permissions assigned to the selected permission group(s).

    • SYUSER by Permission Group shows all users created within the specified date organized by permission group.

Tracking permissions

Tracking permissions provide access to workflow template members (activities) and allow users to select the activity from activity tracking buttons and view activities. Activity templates are created and organized by member. For example, all your admissions activity templates may appear in the member A for admissions.

You can create tracking permission groups to provide permission groups with access to one or more members. For example, your admissions office may only have access to member A, but your registrar’s office has access to both member A for admissions and R for registrar.

Add tracking permission

  1. Go to Admin > Tracking Perms.

  2. Click New Tracking Perm.

  3. In Group Id enter the permission group name.

  4. In the Member, select the member

  5. Optionally check Read Only to provide the group access only to view the members.
    (Selecting read only will make all activities within the member read only.)

  6. Optionally choose a specific template to exclude.

  7. Click Create.

  8. Repeat the process for other members the group will need access.

Edit tracking permission

  1. Go to Admin > Tracking Perms.

  2. Select the box next to the entry to edit.

  3. At the top of the page, click Edit Selected.

  4. Make adjustments.

  5. Click Update.

Delete tracking permission

  1. Go to Admin > Tracking Perms.

  2. Check the box next to the entry to delete.

  3. At the top of the page, click Delete Selected.