User Settings
      Back to home
      1. Help Centre
      2. Getting started & Resources
      3. User Settings

      Setting up a Restricted HR User

      This article shows how to set up a Restricted HR User within Cezanne HR. You can change any existing user's Security Role to Restricted HR Professional or you can add a new user account.

      It contains the following sections:

      1. Adding a New Restricted HR User
      2. Setting up User Security Policy
      3. Preview your Policies: Example

      1. Adding a New Restricted HR User

      Navigate to Administration >> Users.

      1. Select Add New User.
      Users - Cezanne OnDemand - Opera
      2. To add an Internal User, click the search option next to Person Name to look for the person you are setting up the account for. You can also add an external user, just change the Internal User slider to OFF and then enter First Name and Surname.
      3. Enter an E-mail address for this person. This is copied into the Username field automatically.
      4. Enter a sample password in the Password box.
      5. From the Security Role drop-down list, select a Restricted HR Professional role.
      6. Save the new user's record.
      7. Select Send Welcome E-mail so that the new user will be sent an e-mail which enables them to change their password and log in.
      1. Adding a New Restricted HR User

      2. Setting up User Security Policy

      1. Go to Administration >> Users.
      2. If you do not already have it selected, search for your new Restricted HR Professional user record.
      3. Select User Security Policy from the left hand menu.
      User Security Policy - cheryl.abrahams@omnicrom.com - Cezanne OnDemand - Opera
      4. Click Add New.
      5. Configure the user's policy by using the drop-down boxes.
      6. You can add more than one policy, just click Add Another. For example, this may be useful if you want to allow access to all people but one.

      Note:

      • A User Security Policy needs to be set up for each Restricted HR Professional user or they will not be able to access any people in the system.

      Available Settings:

      Type of Access  
      Allow Full Access Will give the user the option to view, edit, add and delete data for people in the policy.
      Allow View Only Will give the user the option to view, but not edit, add or delete data for people in the policy.
      Deny The user will not have any access to these people.

      Note:

      • 'Full' Access always overrides 'View' Access. For example, if you set Full Access to all people but View Access to a specific person, the user will be able to view and edit all information about that person.
      • 'Deny' Access always overrides the other two settings.
      Condition  Access Types   
      All People Full and View Every person in the system.
      People in Company Full and View Every person in a specific company.
      People in Company & Below Full and View Every person in a specific company and the companies that report to it.
      People in Location Full and View Every person in a specific location.
      People in Org Unit Full and View Every person in a specific org unit.
      People in Org Unit & Below Full and View Every person in a specific org unit and the org units that report to it.
      Specific Person Full, View and Deny One person in the system.
      HR Professional(s) Deny Only Every HR Professional's user and people record.
      Restricted HR Professional(s) Deny Only Every Restricted HR Professional's user and people record.
      For example, in the screenshot below, the Restricted HR Professional is being given full access to all people. Therefore they will be able to view and edit any person on the system.

      Note:

      • If 'Deny' access is selected for a person, the Restricted HR Professional will still see the person in Sets and Recent Items. However, if they select the person, no information will be displayed about them.

      3. Preview your Policies: Example

      When you want to see how your policy works for a particular user, you can click Preview in their User Security Policy.

      3. Preview your Policies: Example

      To illustrate how the policy works, the above screenshot has been set up so that the Restricted HR Professional has full access to all people, but also has no access to Shawn Acker.

      The screenshot below shows the screen after you press Preview. As you can see the People search has brought up all records. However, Shawn Acker is not in the results list as the Security Policy has denied access to his record.

      Note: